summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2002-12-11 23:54:46 +0000
committerJeremy Allison <jra@samba.org>2002-12-11 23:54:46 +0000
commit7dd847ba9c10be196b5d02f9593c642666855470 (patch)
treed8075361fa9e53f24ae0e07633751ad645547275 /source3
parentf7267c1235ae1b8c6a7324d508f5d435ff18de50 (diff)
downloadsamba-7dd847ba9c10be196b5d02f9593c642666855470.tar.gz
samba-7dd847ba9c10be196b5d02f9593c642666855470.tar.bz2
samba-7dd847ba9c10be196b5d02f9593c642666855470.zip
Fixed auth module code. Added VALGRIND defines to reduce spurious warnings.
Jeremy. (This used to be commit ff3a8d37289216a2cb808406044a7abef1e564d0)
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth.c99
-rw-r--r--source3/auth/auth_builtin.c27
-rw-r--r--source3/include/includes.h4
-rw-r--r--source3/lib/util.c2
-rw-r--r--source3/lib/util_str.c9
-rw-r--r--source3/smbd/process.c1
-rw-r--r--source3/tdb/tdbbackup.c10
7 files changed, 83 insertions, 69 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 232d401a24..d730e39f44 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -61,8 +61,7 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context)
return auth_context->challenge.data;
}
- for (auth_method = auth_context->auth_method_list; auth_method; auth_method = auth_method->next)
- {
+ for (auth_method = auth_context->auth_method_list; auth_method; auth_method = auth_method->next) {
if (auth_method->get_chal == NULL) {
DEBUG(5, ("auth_get_challenge: module %s did not want to specify a challenge\n", auth_method->name));
continue;
@@ -183,18 +182,18 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
auth_methods *auth_method;
TALLOC_CTX *mem_ctx;
- if (!user_info || !auth_context || !server_info) {
+ if (!user_info || !auth_context || !server_info)
return NT_STATUS_LOGON_FAILURE;
- }
- DEBUG(3, ("check_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n",
+ DEBUG(3, ("check_ntlm_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n",
user_info->client_domain.str, user_info->smb_name.str, user_info->wksta_name.str));
- DEBUG(3, ("check_password: mapped user is: [%s]\\[%s]@[%s]\n",
+ DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n",
user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str));
- if (auth_context->challenge_set_by) {
- DEBUG(10, ("auth_context challenge created by %s\n", auth_context->challenge_set_by));
- }
+ if (auth_context->challenge_set_by)
+ DEBUG(10, ("check_ntlm_password: auth_context challenge created by %s\n",
+ auth_context->challenge_set_by));
+
DEBUG(10, ("challenge is: \n"));
dump_data(5, auth_context->challenge.data, auth_context->challenge.length);
@@ -208,37 +207,33 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
#endif
/* This needs to be sorted: If it doesn't match, what should we do? */
- if (!check_domain_match(user_info->smb_name.str, user_info->domain.str)) {
+ if (!check_domain_match(user_info->smb_name.str, user_info->domain.str))
return NT_STATUS_LOGON_FAILURE;
- }
- for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next)
- {
+ for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
mem_ctx = talloc_init_named("%s authentication for user %s\\%s", auth_method->name,
user_info->domain.str, user_info->smb_name.str);
nt_status = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info);
if (NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3, ("check_password: %s authentication for user [%s] suceeded\n",
+ DEBUG(3, ("check_ntlm_password: %s authentication for user [%s] suceeded\n",
auth_method->name, user_info->smb_name.str));
} else {
- DEBUG(5, ("check_password: %s authentication for user [%s] FAILED with error %s\n",
+ DEBUG(5, ("check_ntlm_password: %s authentication for user [%s] FAILED with error %s\n",
auth_method->name, user_info->smb_name.str, nt_errstr(nt_status)));
}
talloc_destroy(mem_ctx);
- if (NT_STATUS_IS_OK(nt_status)) {
+ if (NT_STATUS_IS_OK(nt_status))
break;
- }
}
/* This is one of the few places the *relies* (rather than just sets defaults
on the value of lp_security(). This needs to change. A new paramater
perhaps? */
- if (lp_security() >= SEC_SERVER) {
+ if (lp_security() >= SEC_SERVER)
smb_user_control(user_info, *server_info, nt_status);
- }
if (NT_STATUS_IS_OK(nt_status)) {
pdb_username = pdb_get_username((*server_info)->sam_account);
@@ -249,17 +244,17 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
unbecome_root();
if (NT_STATUS_IS_OK(nt_status)) {
- DEBUG(5, ("check_password: PAM Account for user [%s] suceeded\n",
+ DEBUG(5, ("check_ntlm_password: PAM Account for user [%s] suceeded\n",
pdb_username));
} else {
- DEBUG(3, ("check_password: PAM Account for user [%s] FAILED with error %s\n",
+ DEBUG(3, ("check_ntlm_password: PAM Account for user [%s] FAILED with error %s\n",
pdb_username, nt_errstr(nt_status)));
}
}
if (NT_STATUS_IS_OK(nt_status)) {
DEBUG((*server_info)->guest ? 5 : 2,
- ("check_password: %sauthentication for user [%s] -> [%s] -> [%s] suceeded\n",
+ ("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] suceeded\n",
(*server_info)->guest ? "guest " : "",
user_info->smb_name.str,
user_info->internal_username.str,
@@ -268,7 +263,7 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
}
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(2, ("check_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
+ DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
user_info->smb_name.str, user_info->internal_username.str,
nt_errstr(nt_status)));
ZERO_STRUCTP(server_info);
@@ -282,9 +277,8 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
static void free_auth_context(struct auth_context **auth_context)
{
- if (*auth_context != NULL) {
+ if (*auth_context != NULL)
talloc_destroy((*auth_context)->mem_ctx);
- }
*auth_context = NULL;
}
@@ -327,48 +321,43 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context,
NTSTATUS nt_status;
if (!text_list) {
- DEBUG(2,("No auth method list!?\n"));
+ DEBUG(2,("make_auth_context_text_list: No auth method list!?\n"));
return NT_STATUS_UNSUCCESSFUL;
}
- if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context))) {
+ if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context)))
return nt_status;
- }
- for (;*text_list; text_list++)
- {
- DEBUG(5,("Attempting to find an auth method to match %s\n", *text_list));
- for (i = 0; builtin_auth_init_functions[i].name; i++)
- {
- if (strequal(builtin_auth_init_functions[i].name, *text_list))
- {
-
- char *module_name = smb_xstrdup(*text_list);
- char *module_params = NULL;
- char *p;
-
- p = strchr(module_name, ':');
-
- if (p) {
- *p = 0;
-
- module_params = p+1;
-
- trim_string(module_params, " ", " ");
- }
-
- trim_string(module_name, " ", " ");
+ for (;*text_list; text_list++) {
+ DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n",
+ *text_list));
+ for (i = 0; builtin_auth_init_functions[i].name; i++) {
+ char *module_name = smb_xstrdup(*text_list);
+ char *module_params = NULL;
+ char *p;
+
+ p = strchr(module_name, ':');
+ if (p) {
+ *p = 0;
+ module_params = p+1;
+ trim_string(module_params, " ", " ");
+ }
+
+ trim_string(module_name, " ", " ");
- DEBUG(5,("Found auth method %s (at pos %d)\n", *text_list, i));
+ if (strequal(builtin_auth_init_functions[i].name, module_name)) {
+ DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i));
if (NT_STATUS_IS_OK(builtin_auth_init_functions[i].init(*auth_context, module_params, &t))) {
- DEBUG(5,("auth method %s has a valid init\n", *text_list));
+ DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n",
+ *text_list));
DLIST_ADD_END(list, t, tmp);
} else {
- DEBUG(0,("auth method %s did not correctly init\n", *text_list));
+ DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n",
+ *text_list));
}
- SAFE_FREE(module_name);
break;
}
+ SAFE_FREE(module_name);
}
}
diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c
index f55f662a40..32f39311dc 100644
--- a/source3/auth/auth_builtin.c
+++ b/source3/auth/auth_builtin.c
@@ -49,11 +49,11 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context,
}
/* Guest modules initialisation */
+
NTSTATUS auth_init_guest(struct auth_context *auth_context, const char *options, auth_methods **auth_method)
{
- if (!make_auth_methods(auth_context, auth_method)) {
+ if (!make_auth_methods(auth_context, auth_method))
return NT_STATUS_NO_MEMORY;
- }
(*auth_method)->auth = check_guest_security;
(*auth_method)->name = "guest";
@@ -92,7 +92,7 @@ static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_
strlower(user);
error_num = strtoul(user, NULL, 16);
- DEBUG(5,("Error for user %s was %lx\n", user, error_num));
+ DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num));
nt_status = NT_STATUS(error_num);
@@ -100,11 +100,11 @@ static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_
}
/** Module initailisation function */
+
NTSTATUS auth_init_name_to_ntstatus(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
- if (!make_auth_methods(auth_context, auth_method)) {
+ if (!make_auth_methods(auth_context, auth_method))
return NT_STATUS_NO_MEMORY;
- }
(*auth_method)->auth = check_name_to_ntstatus_security;
(*auth_method)->name = "name_to_ntstatus";
@@ -149,11 +149,11 @@ static DATA_BLOB auth_get_fixed_challenge(const struct auth_context *auth_contex
/** Module initailisation function */
+
NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
- if (!make_auth_methods(auth_context, auth_method)) {
+ if (!make_auth_methods(auth_context, auth_method))
return NT_STATUS_NO_MEMORY;
- }
(*auth_method)->auth = check_fixed_challenge_security;
(*auth_method)->get_chal = auth_get_fixed_challenge;
@@ -168,6 +168,7 @@ NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char
**/
/* Plugin modules initialisation */
+
NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
{
void * dl_handle;
@@ -175,7 +176,7 @@ NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param,
auth_init_function plugin_init;
if (param == NULL) {
- DEBUG(0, ("The plugin module needs an argument!\n"));
+ DEBUG(0, ("auth_init_plugin: The plugin module needs an argument!\n"));
return NT_STATUS_UNSUCCESSFUL;
}
@@ -189,21 +190,21 @@ NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param,
trim_string(plugin_name, " ", " ");
- DEBUG(5, ("Trying to load auth plugin %s\n", plugin_name));
+ DEBUG(5, ("auth_init_plugin: Trying to load auth plugin %s\n", plugin_name));
dl_handle = sys_dlopen(plugin_name, RTLD_NOW );
if (!dl_handle) {
- DEBUG(0, ("Failed to load auth plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror()));
+ DEBUG(0, ("auth_init_plugin: Failed to load auth plugin %s using sys_dlopen (%s)\n",
+ plugin_name, sys_dlerror()));
return NT_STATUS_UNSUCCESSFUL;
}
plugin_init = sys_dlsym(dl_handle, "auth_init");
if (!plugin_init){
- DEBUG(0, ("Failed to find function 'pdb_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror()));
+ DEBUG(0, ("Failed to find function 'auth_init' using sys_dlsym in sam plugin %s (%s)\n",
+ plugin_name, sys_dlerror()));
return NT_STATUS_UNSUCCESSFUL;
}
DEBUG(5, ("Starting sam plugin %s with paramater %s\n", plugin_name, plugin_param?plugin_param:"(null)"));
return plugin_init(auth_context, plugin_param, auth_method);
}
-
-
diff --git a/source3/include/includes.h b/source3/include/includes.h
index 8ec38b9255..26cab70b9d 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -1175,5 +1175,9 @@ int asprintf(char **,const char *, ...) PRINTF_ATTRIBUTE(2,3);
time_t timegm(struct tm *tm);
#endif
+#if defined(VALGRIND)
+#define strlen(x) valgrind_strlen(x)
+#endif
+
#endif /* _INCLUDES_H */
diff --git a/source3/lib/util.c b/source3/lib/util.c
index a83e17c661..0adfe34032 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -710,6 +710,7 @@ void make_dir_struct(char *buf,char *mask,char *fname,SMB_OFF_T size,int mode,ti
void close_low_fds(BOOL stderr_too)
{
+#ifndef VALGRIND
int fd;
int i;
@@ -737,6 +738,7 @@ void close_low_fds(BOOL stderr_too)
return;
}
}
+#endif
}
/****************************************************************************
diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index e7a4fe7bb3..7d056e98d2 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -1519,3 +1519,12 @@ void rfc1738_unescape(char *buf)
}
}
+#ifdef VALGRIND
+size_t valgrind_strlen(const char *s)
+{
+ size_t count;
+ for(count = 0; *s++; count++)
+ ;
+ return count;
+}
+#endif
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 3b0619b7d0..923b20ad66 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1140,7 +1140,6 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t
{
unsigned char trust_passwd_hash[16];
time_t lct;
- pstring remote_machine_list;
/*
* We're in domain level security, and the code that
diff --git a/source3/tdb/tdbbackup.c b/source3/tdb/tdbbackup.c
index 36ba7db918..7b344de6c4 100644
--- a/source3/tdb/tdbbackup.c
+++ b/source3/tdb/tdbbackup.c
@@ -303,3 +303,13 @@ static void usage(void)
return ret;
}
+
+#ifdef VALGRIND
+size_t valgrind_strlen(const char *s)
+{
+ size_t count;
+ for(count = 0; *s++; count++)
+ ;
+ return count;
+}
+#endif