diff options
| author | Andrew Tridgell <tridge@samba.org> | 2010-07-06 13:21:54 +1000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2010-07-07 20:14:55 +1000 |
| commit | 87df785a68c1c8043b345b71c98764ef36b76179 (patch) | |
| tree | a4d3071a393661c93e97f9963e492d494241173c /source4/dsdb/samdb/ldb_modules/password_hash.c | |
| parent | fc68558ab937859a91214e8675d53c0afaf3c4e6 (diff) | |
| download | samba-87df785a68c1c8043b345b71c98764ef36b76179.tar.gz samba-87df785a68c1c8043b345b71c98764ef36b76179.tar.bz2 samba-87df785a68c1c8043b345b71c98764ef36b76179.zip | |
s4-dsdb: use ldb_operr() in the dsdb code
this replaces "return LDB_ERR_OPERATIONS_ERROR" with "return ldb_operr(ldb)"
in places in the dsdb code where we don't already explicitly set an
error string. This should make is much easier to track down dsdb
module bugs that result in an operations error.
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules/password_hash.c')
| -rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 128 |
1 files changed, 47 insertions, 81 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 505f2c26f7..99bba57d10 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -177,8 +177,7 @@ static int setup_nt_fields(struct setup_password_fields_io *io) struct samr_Password, io->ac->status->domain_data.pwdHistoryLength); if (!io->g.nt_history) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } for (i = 0; i < MIN(io->ac->status->domain_data.pwdHistoryLength-1, @@ -220,8 +219,7 @@ static int setup_lm_fields(struct setup_password_fields_io *io) struct samr_Password, io->ac->status->domain_data.pwdHistoryLength); if (!io->g.lm_history) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } for (i = 0; i < MIN(io->ac->status->domain_data.pwdHistoryLength-1, @@ -265,8 +263,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) name = strlower_talloc(io->ac, io->u.sAMAccountName); if (!name) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } if (name[strlen(name)-1] == '$') { @@ -276,8 +273,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) saltbody = talloc_asprintf(io->ac, "%s.%s", name, io->ac->status->domain_data.dns_domain); if (!saltbody) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } krb5_ret = krb5_make_principal(io->smb_krb5_context->krb5_context, @@ -290,8 +286,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) user_principal_name = talloc_strdup(io->ac, io->u.user_principal_name); if (!user_principal_name) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } p = strchr(user_principal_name, '@'); @@ -338,8 +333,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) salt.saltvalue.length); krb5_free_salt(io->smb_krb5_context->krb5_context, salt); if (!io->g.salt) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } salt.saltvalue.data = discard_const(io->g.salt); salt.saltvalue.length = strlen(io->g.salt); @@ -366,8 +360,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.aes_256.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* @@ -392,8 +385,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.aes_128.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* @@ -418,8 +410,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.des_md5.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* @@ -444,8 +435,7 @@ static int setup_kerberos_keys(struct setup_password_fields_io *io) key.keyvalue.length); krb5_free_keyblock_contents(io->smb_krb5_context->krb5_context, &key); if (!io->g.des_crc.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } return LDB_SUCCESS; @@ -478,8 +468,7 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io, struct package_PrimaryKerberosKey3, pkb3->num_keys); if (!pkb3->keys) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } pkb3->keys[0].keytype = ENCTYPE_DES_CBC_MD5; @@ -514,8 +503,7 @@ static int setup_primary_kerberos(struct setup_password_fields_io *io, blob = strhex_to_data_blob(io->ac, old_scp->data); if (!blob.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* TODO: use ndr_pull_struct_blob_all(), when the ndr layer handles it correct with relative pointers */ @@ -584,8 +572,7 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io, struct package_PrimaryKerberosKey4, pkb4->num_keys); if (!pkb4->keys) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } pkb4->keys[0].iteration_count = 4096; @@ -630,8 +617,7 @@ static int setup_primary_kerberos_newer(struct setup_password_fields_io *io, blob = strhex_to_data_blob(io->ac, old_scp->data); if (!blob.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* TODO: use ndr_pull_struct_blob_all(), when the ndr layer handles it correct with relative pointers */ @@ -923,13 +909,11 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, sAMAccountName = data_blob_string_const(io->u.sAMAccountName); sAMAccountName_l = data_blob_string_const(strlower_talloc(io->ac, io->u.sAMAccountName)); if (!sAMAccountName_l.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } sAMAccountName_u = data_blob_string_const(strupper_talloc(io->ac, io->u.sAMAccountName)); if (!sAMAccountName_u.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* if the user doesn't have a userPrincipalName, create one (with lower case realm) */ @@ -938,34 +922,29 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, io->u.sAMAccountName, io->ac->status->domain_data.dns_domain); if (!user_principal_name) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } } userPrincipalName = data_blob_string_const(user_principal_name); userPrincipalName_l = data_blob_string_const(strlower_talloc(io->ac, user_principal_name)); if (!userPrincipalName_l.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } userPrincipalName_u = data_blob_string_const(strupper_talloc(io->ac, user_principal_name)); if (!userPrincipalName_u.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } netbios_domain = data_blob_string_const(io->ac->status->domain_data.netbios_domain); netbios_domain_l = data_blob_string_const(strlower_talloc(io->ac, io->ac->status->domain_data.netbios_domain)); if (!netbios_domain_l.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } netbios_domain_u = data_blob_string_const(strupper_talloc(io->ac, io->ac->status->domain_data.netbios_domain)); if (!netbios_domain_u.data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } dns_domain = data_blob_string_const(io->ac->status->domain_data.dns_domain); @@ -981,8 +960,7 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io, pdb->hashes = talloc_array(io->ac, struct package_PrimaryWDigestHash, pdb->num_hashes); if (!pdb->hashes) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } for (i=0; i < ARRAY_SIZE(wdigest); i++) { @@ -1158,8 +1136,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pknb_hexstr = data_blob_hex_string_upper(io->ac, &pknb_blob); if (!pknb_hexstr) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } pkn->name = "Primary:Kerberos-Newer-Keys"; pkn->reserved = 1; @@ -1189,8 +1166,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pkb_hexstr = data_blob_hex_string_upper(io->ac, &pkb_blob); if (!pkb_hexstr) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } pk->name = "Primary:Kerberos"; pk->reserved = 1; @@ -1219,8 +1195,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pdb_hexstr = data_blob_hex_string_upper(io->ac, &pdb_blob); if (!pdb_hexstr) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } pd->name = "Primary:WDigest"; pd->reserved = 1; @@ -1247,8 +1222,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pcb_hexstr = data_blob_hex_string_upper(io->ac, &pcb_blob); if (!pcb_hexstr) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } pc->name = "Primary:CLEARTEXT"; pc->reserved = 1; @@ -1272,8 +1246,7 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) } pb_hexstr = data_blob_hex_string_upper(io->ac, &pb_blob); if (!pb_hexstr) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } pp->name = "Packages"; pp->reserved = 2; @@ -1324,8 +1297,7 @@ static int setup_given_passwords(struct setup_password_fields_io *io, cleartext_utf16_blob = talloc(io->ac, struct ldb_val); if (!cleartext_utf16_blob) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } if (!convert_string_talloc(io->ac, CH_UTF8, CH_UTF16, @@ -1348,8 +1320,7 @@ static int setup_given_passwords(struct setup_password_fields_io *io, cleartext_utf8_blob = talloc(io->ac, struct ldb_val); if (!cleartext_utf8_blob) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } if (!convert_string_talloc(io->ac, CH_UTF16MUNGED, CH_UTF8, @@ -1371,8 +1342,7 @@ static int setup_given_passwords(struct setup_password_fields_io *io, nt_hash = talloc(io->ac, struct samr_Password); if (!nt_hash) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } g->nt_hash = nt_hash; @@ -1387,8 +1357,7 @@ static int setup_given_passwords(struct setup_password_fields_io *io, lm_hash = talloc(io->ac, struct samr_Password); if (!lm_hash) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* compute the new lm hash */ @@ -1644,7 +1613,7 @@ static int setup_io(struct ph_context *ac, ldb_get_event_context(ldb), (struct loadparm_context *)ldb_get_opaque(ldb, "loadparm"), &io->smb_krb5_context) != 0) { - return LDB_ERR_OPERATIONS_ERROR; + return ldb_operr(ldb); } io->ac = ac; @@ -1738,8 +1707,7 @@ static int setup_io(struct ph_context *ac, */ quoted_utf16_2 = talloc(io->ac, struct ldb_val); if (quoted_utf16_2 == NULL) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } quoted_utf16_2->data = quoted_utf16->data + 2; @@ -1795,8 +1763,7 @@ static int setup_io(struct ph_context *ac, */ old_quoted_utf16_2 = talloc(io->ac, struct ldb_val); if (old_quoted_utf16_2 == NULL) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } old_quoted_utf16_2->data = old_quoted_utf16->data + 2; @@ -1927,7 +1894,7 @@ static int setup_io(struct ph_context *ac, } } else { /* this shouldn't happen */ - return LDB_ERR_OPERATIONS_ERROR; + return ldb_operr(ldb); } return LDB_SUCCESS; @@ -2253,7 +2220,7 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) ac = ph_init_context(module, req); if (ac == NULL) { DEBUG(0,(__location__ ": %s\n", ldb_errstring(ldb))); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_operr(ldb); } ph_apply_controls(ac); @@ -2280,9 +2247,11 @@ static int password_hash_add_do_add(struct ph_context *ac) return ret; } + ldb = ldb_module_get_ctx(ac->module); + msg = ldb_msg_copy_shallow(ac, ac->req->op.add.message); if (msg == NULL) { - return LDB_ERR_OPERATIONS_ERROR; + return ldb_operr(ldb); } /* remove attributes that we just read into 'io' */ @@ -2292,8 +2261,6 @@ static int password_hash_add_do_add(struct ph_context *ac) ldb_msg_remove_attr(msg, "dBCSPwd"); ldb_msg_remove_attr(msg, "pwdLastSet"); - ldb = ldb_module_get_ctx(ac->module); - ret = setup_password_fields(&io); if (ret != LDB_SUCCESS) { return ret; @@ -2319,7 +2286,7 @@ static int password_hash_add_do_add(struct ph_context *ac) } } if (io.g.nt_history_len > 0) { - ret = samdb_msg_add_hashes(ac, msg, + ret = samdb_msg_add_hashes(ldb, ac, msg, "ntPwdHistory", io.g.nt_history, io.g.nt_history_len); @@ -2328,7 +2295,7 @@ static int password_hash_add_do_add(struct ph_context *ac) } } if (io.g.lm_history_len > 0) { - ret = samdb_msg_add_hashes(ac, msg, + ret = samdb_msg_add_hashes(ldb, ac, msg, "lmPwdHistory", io.g.lm_history, io.g.lm_history_len); @@ -2426,15 +2393,14 @@ static int password_hash_modify(struct ldb_module *module, struct ldb_request *r ac = ph_init_context(module, req); if (!ac) { DEBUG(0,(__location__ ": %s\n", ldb_errstring(ldb))); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_operr(ldb); } ph_apply_controls(ac); /* use a new message structure so that we can modify it */ msg = ldb_msg_copy_shallow(ac, req->op.mod.message); if (msg == NULL) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; + return ldb_oom(ldb); } /* - check for single-valued password attributes @@ -2677,7 +2643,7 @@ static int password_hash_mod_do_mod(struct ph_context *ac) /* use a new message structure so that we can modify it */ msg = ldb_msg_new(ac); if (msg == NULL) { - return LDB_ERR_OPERATIONS_ERROR; + return ldb_operr(ldb); } /* modify dn */ @@ -2698,7 +2664,7 @@ static int password_hash_mod_do_mod(struct ph_context *ac) discard_const_p(struct ldb_message, searched_msg), &io.o.lm_hash, &io.o.nt_hash); if (!NT_STATUS_IS_OK(status)) { - return LDB_ERR_OPERATIONS_ERROR; + return ldb_operr(ldb); } io.o.nt_history_len = samdb_result_hashes(io.ac, searched_msg, "ntPwdHistory", &io.o.nt_history); @@ -2738,7 +2704,7 @@ static int password_hash_mod_do_mod(struct ph_context *ac) } } if (io.g.nt_history_len > 0) { - ret = samdb_msg_add_hashes(ac, msg, + ret = samdb_msg_add_hashes(ldb, ac, msg, "ntPwdHistory", io.g.nt_history, io.g.nt_history_len); @@ -2747,7 +2713,7 @@ static int password_hash_mod_do_mod(struct ph_context *ac) } } if (io.g.lm_history_len > 0) { - ret = samdb_msg_add_hashes(ac, msg, + ret = samdb_msg_add_hashes(ldb, ac, msg, "lmPwdHistory", io.g.lm_history, io.g.lm_history_len); |