summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2006-12-10 05:23:47 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:16:24 -0500
commit25d6eaae8d0d885add7e64b96df7a489328c6b0f (patch)
tree431680de76ddff114e445d656f599f8b0fb3a667 /source3/smbd
parentaf0f14e3a72756dfaff36e0106ae0f7eaac06633 (diff)
downloadsamba-25d6eaae8d0d885add7e64b96df7a489328c6b0f.tar.gz
samba-25d6eaae8d0d885add7e64b96df7a489328c6b0f.tar.bz2
samba-25d6eaae8d0d885add7e64b96df7a489328c6b0f.zip
r20098: Properly fix issues with create_token_from_username()
reported by James. Ensure that this function allocates everything on the temporary context except the return memory. Never call this with a null mem context, and now use conn->mem_ctx instead in smbd/service.c. Remove separate free functions for conn->ngroups and conn->nt_user_token as they are now always talloc'ed off the conn->mem_ctx. Future optimization will be to remove conn->mem_ctx and make all objects pointed to in the conn struct talloc'ed off conn itself. Easy to free then :-). Jeremy. (This used to be commit f83b6de44f1058811ff94ac72a8a71bd8e49e4e8)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/conn.c9
-rw-r--r--source3/smbd/service.c50
2 files changed, 17 insertions, 42 deletions
diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c
index f2c04662a1..19ed49e7bf 100644
--- a/source3/smbd/conn.c
+++ b/source3/smbd/conn.c
@@ -268,15 +268,6 @@ void conn_free_internal(connection_struct *conn)
handle = thandle;
}
- if (conn->ngroups && conn->groups) {
- TALLOC_FREE(conn->groups);
- conn->ngroups = 0;
- }
-
- if (conn->nt_user_token) {
- TALLOC_FREE(conn->nt_user_token);
- }
-
free_namearray(conn->veto_list);
free_namearray(conn->hide_list);
free_namearray(conn->veto_oplock_list);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 08370b1c80..9b6743f76b 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -468,43 +468,28 @@ static NTSTATUS share_sanity_checks(int snum, fstring dev)
return NT_STATUS_OK;
}
-static NTSTATUS find_forced_user(int snum, BOOL vuser_is_guest,
- uid_t *uid, gid_t *gid, fstring username,
- struct nt_user_token **token)
+static NTSTATUS find_forced_user(connection_struct *conn, BOOL vuser_is_guest, fstring username)
{
- TALLOC_CTX *mem_ctx;
+ int snum = conn->params->service;
char *fuser, *found_username;
- struct nt_user_token *tmp_token;
NTSTATUS result;
- if (!(mem_ctx = talloc_new(NULL))) {
- DEBUG(0, ("talloc_new failed\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if (!(fuser = talloc_string_sub(mem_ctx, lp_force_user(snum), "%S",
+ if (!(fuser = talloc_string_sub(conn->mem_ctx, lp_force_user(snum), "%S",
lp_servicename(snum)))) {
- TALLOC_FREE(mem_ctx);
return NT_STATUS_NO_MEMORY;
-
}
- result = create_token_from_username(mem_ctx, fuser, vuser_is_guest,
- uid, gid, &found_username,
- &tmp_token);
+ result = create_token_from_username(conn->mem_ctx, fuser, vuser_is_guest,
+ &conn->uid, &conn->gid, &found_username,
+ &conn->nt_user_token);
if (!NT_STATUS_IS_OK(result)) {
- TALLOC_FREE(mem_ctx);
return result;
}
- if (!(*token = dup_nt_token(NULL, tmp_token))) {
- TALLOC_FREE(mem_ctx);
- return NT_STATUS_NO_MEMORY;
- }
-
fstrcpy(username, found_username);
- TALLOC_FREE(mem_ctx);
+ TALLOC_FREE(fuser);
+ TALLOC_FREE(found_username);
return NT_STATUS_OK;
}
@@ -638,6 +623,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
return NULL;
}
+ conn->params->service = snum;
conn->nt_user_token = NULL;
if (lp_guest_only(snum)) {
@@ -654,12 +640,12 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
*status = NT_STATUS_NO_SUCH_USER;
return NULL;
}
- status2 = create_token_from_username(NULL, pass->pw_name, True,
+ status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True,
&conn->uid, &conn->gid,
&found_username,
&conn->nt_user_token);
if (!NT_STATUS_IS_OK(status2)) {
- TALLOC_FREE(found_username);
+ TALLOC_FREE(pass);
conn_free(conn);
*status = status2;
return NULL;
@@ -701,6 +687,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
} else if (lp_security() == SEC_SHARE) {
NTSTATUS status2;
char *found_username = NULL;
+
/* add it as a possible user name if we
are in share mode security */
add_session_user(lp_servicename(snum));
@@ -713,12 +700,11 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
return NULL;
}
pass = Get_Pwnam(user);
- status2 = create_token_from_username(NULL, pass->pw_name, True,
+ status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True,
&conn->uid, &conn->gid,
&found_username,
&conn->nt_user_token);
if (!NT_STATUS_IS_OK(status2)) {
- TALLOC_FREE(found_username);
conn_free(conn);
*status = status2;
return NULL;
@@ -740,7 +726,6 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
sizeof(conn->client_address)-1);
conn->num_files_open = 0;
conn->lastused = conn->lastused_count = time(NULL);
- conn->params->service = snum;
conn->used = True;
conn->printer = (strncmp(dev,"LPT",3) == 0);
conn->ipc = ( (strncmp(dev,"IPC",3) == 0) ||
@@ -778,10 +763,9 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
if (*lp_force_user(snum)) {
NTSTATUS status2;
- status2 = find_forced_user(snum,
- (vuser != NULL) && vuser->guest,
- &conn->uid, &conn->gid, user,
- &conn->nt_user_token);
+ status2 = find_forced_user(conn,
+ (vuser != NULL) && vuser->guest,
+ user);
if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
*status = status2;
@@ -858,7 +842,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
sid_string_static(sid)));
continue;
}
- if (!add_gid_to_array_unique(NULL, gid, &conn->groups,
+ if (!add_gid_to_array_unique(conn->mem_ctx, gid, &conn->groups,
&conn->ngroups)) {
DEBUG(0, ("add_gid_to_array_unique failed\n"));
conn_free(conn);