diff options
author | Simo Sorce <idra@samba.org> | 2001-12-30 19:21:25 +0000 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2001-12-30 19:21:25 +0000 |
commit | 0608a60390db336bf179564aefdf16c43f1793ad (patch) | |
tree | 8ec4cc2b229552e37392cbaf7cc6b8f734469770 /source3/passdb | |
parent | f6e6c678ad5338264496de43e9e1ab2fe4a28e64 (diff) | |
download | samba-0608a60390db336bf179564aefdf16c43f1793ad.tar.gz samba-0608a60390db336bf179564aefdf16c43f1793ad.tar.bz2 samba-0608a60390db336bf179564aefdf16c43f1793ad.zip |
util_sid.c - respect a const variabile (addedd strdup)
cli_reg.c - indentation
pdb_ldap.c - some checks on init fns parameters
pdb_tdb.c - some checks on init fns parameters + make sure we close the db on failure
(This used to be commit 49f5cb7a3df6d673f86e6769319aa657e30d8380)
Diffstat (limited to 'source3/passdb')
-rw-r--r-- | source3/passdb/pdb_ldap.c | 14 | ||||
-rw-r--r-- | source3/passdb/pdb_tdb.c | 57 |
2 files changed, 48 insertions, 23 deletions
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 215292be48..b9facb3a33 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -70,7 +70,9 @@ ldap_open_connection (LDAP ** ldap_struct) int port; int version, rc; int tls = LDAP_OPT_X_TLS_HARD; - + + /* there should be an lp_ldap_ssl_port(), what happen if for some + reason we need to bind an SSLed LDAP on port 389 ?? ---simo */ if (lp_ldap_ssl() == LDAP_SSL_ON && lp_ldap_port() == 389) { port = 636; } @@ -368,6 +370,11 @@ static BOOL init_sam_from_ldap (SAM_ACCOUNT * sampass, uint8 *hours; pstring temp; + if (sampass == NULL || ldap_struct == NULL || entry == NULL) { + DEBUG(0, ("init_sam_from_ldap: NULL parameters found!\n")); + return False; + } + get_single_attribute(ldap_struct, entry, "uid", username); DEBUG(2, ("Entry found for user: %s\n", username)); @@ -526,6 +533,11 @@ static BOOL init_ldap_from_sam (LDAPMod *** mods, int ldap_state, const SAM_ACCO { pstring temp; + if (mods == NULL || sampass == NULL) { + DEBUG(0, ("init_ldap_from_sam: NULL parameters found!\n")); + return False; + } + *mods = NULL; /* diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index fbfdd1aace..8c17bb76ec 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -80,6 +80,11 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf, uint32 bufle uint32 len = 0; uint32 lmpwlen, ntpwlen, hourslen; BOOL ret = True; + + if(sampass == NULL || buf == NULL) { + DEBUG(0, ("init_sam_from_buffer: NULL parameters found!\n")); + return False; + } /* unpack the buffer into variables */ len = tdb_unpack (buf, buflen, TDB_FORMAT_STRING, @@ -207,9 +212,11 @@ static uint32 init_buffer_from_sam (uint8 **buf, const SAM_ACCOUNT *sampass) uint32 nt_pw_len = 16; /* do we have a valid SAM_ACCOUNT pointer? */ - if (sampass == NULL) + if (sampass == NULL) { + DEBUG(0, ("init_buffer_from_sam: SAM_ACCOUNT is NULL!\n")); return -1; - + } + *buf = NULL; buflen = 0; @@ -404,7 +411,7 @@ void pdb_endsampwent(void) global_tdb_ent.passwd_tdb = NULL; } - DEBUG(7, ("endtdbpwent: closed password file.\n")); + DEBUG(7, ("endtdbpwent: closed sam database.\n")); } /***************************************************************** @@ -425,10 +432,10 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user) return False; } - /* skip all RID entries */ - while ((global_tdb_ent.key.dsize != 0) && (strncmp (global_tdb_ent.key.dptr, prefix, prefixlen))) + /* skip all non-USER entries (eg. RIDs) */ + while ((global_tdb_ent.key.dsize != 0) && (strncmp(global_tdb_ent.key.dptr, prefix, prefixlen))) /* increment to next in line */ - global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key); + global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key); /* do we have an valid interation pointer? */ if(global_tdb_ent.passwd_tdb == NULL) { @@ -436,14 +443,14 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user) return False; } - data = tdb_fetch (global_tdb_ent.passwd_tdb, global_tdb_ent.key); + data = tdb_fetch(global_tdb_ent.passwd_tdb, global_tdb_ent.key); if (!data.dptr) { DEBUG(5,("pdb_getsampwent: database entry not found.\n")); return False; } /* unpack the buffer */ - if (!init_sam_from_buffer (user, data.dptr, data.dsize)) { + if (!init_sam_from_buffer(user, data.dptr, data.dsize)) { DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n")); SAFE_FREE(data.dptr); return False; @@ -461,11 +468,11 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user) uid = pw->pw_uid; gid = pw->pw_gid; - pdb_set_uid (user, uid); - pdb_set_gid (user, gid); + pdb_set_uid(user, uid); + pdb_set_gid(user, gid); /* increment to next in line */ - global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key); + global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key); return True; } @@ -495,12 +502,12 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname) unix_strlower(sname, -1, name, sizeof(name)); get_private_directory(tdbfile); - pstrcat (tdbfile, PASSDB_FILE_NAME); + pstrcat(tdbfile, PASSDB_FILE_NAME); /* set search key */ slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name); key.dptr = keystr; - key.dsize = strlen (keystr) + 1; + key.dsize = strlen(keystr) + 1; /* open the accounts TDB */ if (!(pwd_tdb = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDONLY, 0600))) { @@ -509,34 +516,40 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname) } /* get the record */ - data = tdb_fetch (pwd_tdb, key); + data = tdb_fetch(pwd_tdb, key); if (!data.dptr) { DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n")); DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb))); - tdb_close (pwd_tdb); + tdb_close(pwd_tdb); return False; } /* unpack the buffer */ - if (!init_sam_from_buffer (user, data.dptr, data.dsize)) { + if (!init_sam_from_buffer(user, data.dptr, data.dsize)) { DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n")); SAFE_FREE(data.dptr); + tdb_close(pwd_tdb); return False; } SAFE_FREE(data.dptr); + + /* cleanup */ + tdb_close(pwd_tdb); /* validate the account and fill in UNIX uid and gid. sys_getpwnam() - is used instaed of Get_Pwnam() as we do not need to try case + is used instead of Get_Pwnam() as we do not need to try case permutations */ if ((pw=sys_getpwnam(pdb_get_username(user)))) { uid = pw->pw_uid; gid = pw->pw_gid; - pdb_set_uid (user, uid); - pdb_set_gid (user, gid); + pdb_set_uid(user, uid); + pdb_set_gid(user, gid); + } + else { + DEBUG(0,("pdb_getsampwent: getpwnam(%s) return NULL. User does not exist!\n", + pdb_get_username(user))); + return False; } - - /* cleanup */ - tdb_close (pwd_tdb); return True; } |