diff options
| -rw-r--r-- | source3/auth/pass_check.c | 149 | ||||
| -rw-r--r-- | source3/lib/util.c | 13 | ||||
| -rw-r--r-- | source3/rpc_parse/parse_prs.c | 32 | ||||
| -rw-r--r-- | source3/rpc_parse/parse_srv.c | 12 |
4 files changed, 142 insertions, 64 deletions
diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c index 27915bf499..fe1f98c150 100644 --- a/source3/auth/pass_check.c +++ b/source3/auth/pass_check.c @@ -26,10 +26,61 @@ #define DBGC_CLASS DBGC_AUTH /* these are kept here to keep the string_combinations function simple */ -static fstring this_user; -#if !defined(WITH_PAM) -static fstring this_salt; -static fstring this_crypted; +static char *ths_user; + +static const char *get_this_user() +{ + if (!ths_user) { + return ""; + } + return ths_user; +} + +#if defined(WITH_PAM) || defined(OSF1_ENH_SEC) +static const char *set_this_user(const char *newuser) +{ + char *orig_user = ths_user; + ths_user = SMB_STRDUP(newuser); + SAFE_FREE(orig_user); + return ths_user; +} +#endif + +#if !defined(WITH_PAM) +static char *ths_salt; +/* This must be writable. */ +static char *get_this_salt() +{ + return ths_salt; +} + +/* We may be setting a modified version of the same + * string, so don't free before use. */ + +static const char *set_this_salt(const char *newsalt) +{ + char *orig_salt = ths_salt; + ths_salt = SMB_STRDUP(newsalt); + SAFE_FREE(orig_salt); + return ths_salt; +} + +static char *ths_crypted; +static const char *get_this_crypted() +{ + if (!ths_crypted) { + return ""; + } + return ths_crypted; +} + +static const char *set_this_crypted(const char *newcrypted) +{ + char *orig_crypted = ths_crypted; + ths_crypted = SMB_STRDUP(newcrypted); + SAFE_FREE(orig_crypted); + return ths_crypted; +} #endif #ifdef WITH_AFS @@ -113,7 +164,7 @@ static bool dfs_auth(char *user, char *password) * Assumes local passwd file is kept in sync w/ DCE RGY! */ - if (strcmp((char *)crypt(password, this_salt), this_crypted)) + if (strcmp((char *)crypt(password, get_this_salt()), get_this_crypted())) { return (False); } @@ -492,29 +543,29 @@ core of password checking routine static NTSTATUS password_check(const char *password) { #ifdef WITH_PAM - return smb_pam_passcheck(this_user, password); + return smb_pam_passcheck(get_this_user(), password); #else bool ret; #ifdef WITH_AFS - if (afs_auth(this_user, password)) + if (afs_auth(get_this_user(), password)) return NT_STATUS_OK; #endif /* WITH_AFS */ #ifdef WITH_DFS - if (dfs_auth(this_user, password)) + if (dfs_auth(get_this_user(), password)) return NT_STATUS_OK; #endif /* WITH_DFS */ #ifdef OSF1_ENH_SEC - ret = (strcmp(osf1_bigcrypt(password, this_salt), - this_crypted) == 0); + ret = (strcmp(osf1_bigcrypt(password, get_this_salt()), + get_this_crypted()) == 0); if (!ret) { DEBUG(2, ("OSF1_ENH_SEC failed. Trying normal crypt.\n")); - ret = (strcmp((char *)crypt(password, this_salt), this_crypted) == 0); + ret = (strcmp((char *)crypt(password, get_this_salt()), get_this_crypted()) == 0); } if (ret) { return NT_STATUS_OK; @@ -525,7 +576,7 @@ static NTSTATUS password_check(const char *password) #endif /* OSF1_ENH_SEC */ #ifdef ULTRIX_AUTH - ret = (strcmp((char *)crypt16(password, this_salt), this_crypted) == 0); + ret = (strcmp((char *)crypt16(password, get_this_salt()), get_this_crypted()) == 0); if (ret) { return NT_STATUS_OK; } else { @@ -535,7 +586,7 @@ static NTSTATUS password_check(const char *password) #endif /* ULTRIX_AUTH */ #ifdef LINUX_BIGCRYPT - ret = (linux_bigcrypt(password, this_salt, this_crypted)); + ret = (linux_bigcrypt(password, get_this_salt(), get_this_crypted())); if (ret) { return NT_STATUS_OK; } else { @@ -552,10 +603,10 @@ static NTSTATUS password_check(const char *password) * by crypt. */ - if (strcmp(bigcrypt(password, this_salt), this_crypted) == 0) + if (strcmp(bigcrypt(password, get_this_salt()), get_this_crypted()) == 0) return NT_STATUS_OK; else - ret = (strcmp((char *)crypt(password, this_salt), this_crypted) == 0); + ret = (strcmp((char *)crypt(password, get_this_salt()), get_this_crypted()) == 0); if (ret) { return NT_STATUS_OK; } else { @@ -564,7 +615,7 @@ static NTSTATUS password_check(const char *password) #else /* HAVE_BIGCRYPT && HAVE_CRYPT && USE_BOTH_CRYPT_CALLS */ #ifdef HAVE_BIGCRYPT - ret = (strcmp(bigcrypt(password, this_salt), this_crypted) == 0); + ret = (strcmp(bigcrypt(password, get_this_salt()), get_this_crypted()) == 0); if (ret) { return NT_STATUS_OK; } else { @@ -576,7 +627,7 @@ static NTSTATUS password_check(const char *password) DEBUG(1, ("Warning - no crypt available\n")); return NT_STATUS_LOGON_FAILURE; #else /* HAVE_CRYPT */ - ret = (strcmp((char *)crypt(password, this_salt), this_crypted) == 0); + ret = (strcmp((char *)crypt(password, get_this_salt()), get_this_crypted()) == 0); if (ret) { return NT_STATUS_OK; } else { @@ -621,7 +672,9 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas * checks below and dive straight into the PAM code. */ - fstrcpy(this_user, user); + if (set_this_user(user) == NULL) { + return NT_STATUS_NO_MEMORY; + } DEBUG(4, ("pass_check: Checking (PAM) password for user %s (l=%d)\n", user, pwlen)); @@ -638,8 +691,12 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas /* Copy into global for the convenience of looping code */ /* Also the place to keep the 'password' no matter what crazy struct it started in... */ - fstrcpy(this_crypted, pass->pw_passwd); - fstrcpy(this_salt, pass->pw_passwd); + if (set_this_crypted(pass->pw_passwd) == NULL) { + return NT_STATUS_NO_MEMORY; + } + if (set_this_salt(pass->pw_passwd) == NULL) { + return NT_STATUS_NO_MEMORY; + } #ifdef HAVE_GETSPNAM { @@ -652,8 +709,12 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas spass = getspnam(pass->pw_name); if (spass && spass->sp_pwdp) { - fstrcpy(this_crypted, spass->sp_pwdp); - fstrcpy(this_salt, spass->sp_pwdp); + if (set_this_crypted(spass->sp_pwdp) == NULL) { + return NT_STATUS_NO_MEMORY; + } + if (set_this_salt(spass->sp_pwdp) == NULL) { + return NT_STATUS_NO_MEMORY; + } } } #elif defined(IA_UINFO) @@ -671,8 +732,11 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas #ifdef HAVE_GETPRPWNAM { struct pr_passwd *pr_pw = getprpwnam(pass->pw_name); - if (pr_pw && pr_pw->ufld.fd_encrypt) - fstrcpy(this_crypted, pr_pw->ufld.fd_encrypt); + if (pr_pw && pr_pw->ufld.fd_encrypt) { + if (set_this_crypted(pr_pw->ufld.fd_encrypt) == NULL) { + return NT_STATUS_NO_MEMORY; + } + } } #endif @@ -680,8 +744,11 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas { struct passwd_adjunct *pwret; pwret = getpwanam(s); - if (pwret && pwret->pwa_passwd) - fstrcpy(this_crypted, pwret->pwa_passwd); + if (pwret && pwret->pwa_passwd) { + if (set_this_crypted(pwret->pwa_passwd) == NULL) { + return NT_STATUS_NO_MEMORY; + } + } } #endif @@ -692,8 +759,12 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas user)); mypasswd = getprpwnam(user); if (mypasswd) { - fstrcpy(this_user, mypasswd->ufld.fd_name); - fstrcpy(this_crypted, mypasswd->ufld.fd_encrypt); + if (set_this_user(mypasswd->ufld.fd_name) == NULL) { + return NT_STATUS_NO_MEMORY; + } + if (set_this_crypted(mypasswd->ufld.fd_encrypt) == NULL) { + return NT_STATUS_NO_MEMORY; + } } else { DEBUG(5, ("OSF1_ENH_SEC: No entry for user %s in protected database !\n", @@ -706,7 +777,10 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas { AUTHORIZATION *ap = getauthuid(pass->pw_uid); if (ap) { - fstrcpy(this_crypted, ap->a_password); + if (set_this_crypted(ap->a_password) == NULL) { + endauthent(); + return NT_STATUS_NO_MEMORY; + } endauthent(); } } @@ -715,19 +789,28 @@ NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *pas #if defined(HAVE_TRUNCATED_SALT) /* crypt on some platforms (HPUX in particular) won't work with more than 2 salt characters. */ - this_salt[2] = 0; + { + char *trunc_salt = get_this_salt(); + if (!trunc_salt || strlen(trunc_salt) < 2) { + return NT_STATUS_LOGON_FAILURE; + } + trunc_salt[2] = 0; + if (set_this_salt(trunc_salt) == NULL) { + return NT_STATUS_NO_MEMORY; + } + } #endif - if (!*this_crypted) { + if (!get_this_crypted() || !*get_this_crypted()) { if (!lp_null_passwords()) { DEBUG(2, ("Disallowing %s with null password\n", - this_user)); + get_this_user())); return NT_STATUS_LOGON_FAILURE; } if (!*password) { DEBUG(3, ("Allowing access to %s with null password\n", - this_user)); + get_this_user())); return NT_STATUS_OK; } } diff --git a/source3/lib/util.c b/source3/lib/util.c index 73b035b22b..11c14ea538 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -2227,17 +2227,12 @@ void dump_data_pw(const char *msg, const uchar * data, size_t len) #endif } -char *tab_depth(int depth) +const char *tab_depth(int level, int depth) { - static fstring spaces; - size_t len = depth * 4; - if (len > sizeof(fstring)-1) { - len = sizeof(fstring)-1; + if( DEBUGLVL(level) ) { + dbgtext("%*s", depth*4, ""); } - - memset(spaces, ' ', len); - spaces[len] = 0; - return spaces; + return ""; } /***************************************************************************** diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 4abf63e71d..23dae9f3a1 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -85,7 +85,7 @@ void prs_dump_region(const char *name, int v, prs_struct *ps, void prs_debug(prs_struct *ps, int depth, const char *desc, const char *fn_name) { - DEBUG(5+depth, ("%s%06x %s %s\n", tab_depth(depth), ps->data_offset, fn_name, desc)); + DEBUG(5+depth, ("%s%06x %s %s\n", tab_depth(5+depth,depth), ps->data_offset, fn_name, desc)); } /** @@ -621,7 +621,7 @@ bool prs_uint8(const char *name, prs_struct *ps, int depth, uint8 *data8) else SCVAL(q,0,*data8); - DEBUG(5,("%s%04x %s: %02x\n", tab_depth(depth), ps->data_offset, name, *data8)); + DEBUG(5,("%s%04x %s: %02x\n", tab_depth(5,depth), ps->data_offset, name, *data8)); ps->data_offset += 1; @@ -686,7 +686,7 @@ bool prs_uint16(const char *name, prs_struct *ps, int depth, uint16 *data16) SSVAL(q,0,*data16); } - DEBUG(5,("%s%04x %s: %04x\n", tab_depth(depth), ps->data_offset, name, *data16)); + DEBUG(5,("%s%04x %s: %04x\n", tab_depth(5,depth), ps->data_offset, name, *data16)); ps->data_offset += sizeof(uint16); @@ -715,7 +715,7 @@ bool prs_uint32(const char *name, prs_struct *ps, int depth, uint32 *data32) SIVAL(q,0,*data32); } - DEBUG(5,("%s%04x %s: %08x\n", tab_depth(depth), ps->data_offset, name, *data32)); + DEBUG(5,("%s%04x %s: %08x\n", tab_depth(5,depth), ps->data_offset, name, *data32)); ps->data_offset += sizeof(uint32); @@ -744,7 +744,7 @@ bool prs_int32(const char *name, prs_struct *ps, int depth, int32 *data32) SIVALS(q,0,*data32); } - DEBUG(5,("%s%04x %s: %08x\n", tab_depth(depth), ps->data_offset, name, *data32)); + DEBUG(5,("%s%04x %s: %08x\n", tab_depth(5,depth), ps->data_offset, name, *data32)); ps->data_offset += sizeof(int32); @@ -773,7 +773,7 @@ bool prs_ntstatus(const char *name, prs_struct *ps, int depth, NTSTATUS *status) SIVAL(q,0,NT_STATUS_V(*status)); } - DEBUG(5,("%s%04x %s: %s\n", tab_depth(depth), ps->data_offset, name, + DEBUG(5,("%s%04x %s: %s\n", tab_depth(5,depth), ps->data_offset, name, nt_errstr(*status))); ps->data_offset += sizeof(uint32); @@ -803,7 +803,7 @@ bool prs_dcerpc_status(const char *name, prs_struct *ps, int depth, NTSTATUS *st SIVAL(q,0,NT_STATUS_V(*status)); } - DEBUG(5,("%s%04x %s: %s\n", tab_depth(depth), ps->data_offset, name, + DEBUG(5,("%s%04x %s: %s\n", tab_depth(5,depth), ps->data_offset, name, dcerpc_errstr(NT_STATUS_V(*status)))); ps->data_offset += sizeof(uint32); @@ -834,7 +834,7 @@ bool prs_werror(const char *name, prs_struct *ps, int depth, WERROR *status) SIVAL(q,0,W_ERROR_V(*status)); } - DEBUG(5,("%s%04x %s: %s\n", tab_depth(depth), ps->data_offset, name, + DEBUG(5,("%s%04x %s: %s\n", tab_depth(5,depth), ps->data_offset, name, dos_errstr(*status))); ps->data_offset += sizeof(uint32); @@ -862,7 +862,7 @@ bool prs_uint8s(bool charmode, const char *name, prs_struct *ps, int depth, uint SCVAL(q, i, data8s[i]); } - DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset ,name)); + DEBUG(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset ,name)); if (charmode) print_asc(5, (unsigned char*)data8s, len); else { @@ -905,7 +905,7 @@ bool prs_uint16s(bool charmode, const char *name, prs_struct *ps, int depth, uin } } - DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name)); + DEBUG(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset, name)); if (charmode) print_asc(5, (unsigned char*)data16s, 2*len); else { @@ -947,7 +947,7 @@ static void dbg_rw_punival(bool charmode, const char *name, int depth, prs_struc } } - DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name)); + DEBUG(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset, name)); if (charmode) print_asc(5, (unsigned char*)out_buf, 2*len); else { @@ -1002,7 +1002,7 @@ bool prs_uint32s(bool charmode, const char *name, prs_struct *ps, int depth, uin } } - DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name)); + DEBUG(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset, name)); if (charmode) print_asc(5, (unsigned char*)data32s, 4*len); else { @@ -1103,7 +1103,7 @@ bool prs_string2(bool charmode, const char *name, prs_struct *ps, int depth, STR } else { str->buffer = NULL; /* Return early to ensure Coverity isn't confused. */ - DEBUG(5,("%s%04x %s: \n", tab_depth(depth), ps->data_offset, name)); + DEBUG(5,("%s%04x %s: \n", tab_depth(5,depth), ps->data_offset, name)); return True; } } @@ -1116,7 +1116,7 @@ bool prs_string2(bool charmode, const char *name, prs_struct *ps, int depth, STR SCVAL(q, i, str->buffer[i]); } - DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name)); + DEBUG(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset, name)); if (charmode) print_asc(5, (unsigned char*)str->buffer, str->str_str_len); else { @@ -1252,7 +1252,7 @@ bool prs_unistr(const char *name, prs_struct *ps, int depth, UNISTR *str) len++; - DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name)); + DEBUG(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset, name)); print_asc(5, (unsigned char*)start, 2*len); DEBUG(5, ("\n")); } @@ -1309,7 +1309,7 @@ bool prs_unistr(const char *name, prs_struct *ps, int depth, UNISTR *str) str->buffer[len++] = '\0'; } - DEBUG(5,("%s%04x %s: ", tab_depth(depth), ps->data_offset, name)); + DEBUG(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset, name)); print_asc(5, (unsigned char*)str->buffer, 2*len); DEBUG(5, ("\n")); } diff --git a/source3/rpc_parse/parse_srv.c b/source3/rpc_parse/parse_srv.c index e7a73183f5..6337c53fc1 100644 --- a/source3/rpc_parse/parse_srv.c +++ b/source3/rpc_parse/parse_srv.c @@ -1018,7 +1018,7 @@ static bool srv_io_srv_share_ctr(const char *desc, SRV_SHARE_INFO_CTR *ctr, prs_ default: DEBUG(5,("%s no share info at switch_value %d\n", - tab_depth(depth), ctr->switch_value)); + tab_depth(5,depth), ctr->switch_value)); break; } @@ -1267,7 +1267,7 @@ static bool srv_io_srv_share_info(const char *desc, prs_struct *ps, int depth, S return False; default: DEBUG(5,("%s no share info at switch_value %d\n", - tab_depth(depth), r_n->switch_value)); + tab_depth(5,depth), r_n->switch_value)); break; } } @@ -1796,7 +1796,7 @@ static bool srv_io_srv_sess_ctr(const char *desc, SRV_SESS_INFO_CTR **pp_ctr, pr break; default: DEBUG(5,("%s no session info at switch_value %d\n", - tab_depth(depth), ctr->switch_value)); + tab_depth(5,depth), ctr->switch_value)); break; } } @@ -2216,7 +2216,7 @@ static bool srv_io_srv_conn_ctr(const char *desc, SRV_CONN_INFO_CTR **pp_ctr, pr break; default: DEBUG(5,("%s no connection info at switch_value %d\n", - tab_depth(depth), ctr->switch_value)); + tab_depth(5,depth), ctr->switch_value)); break; } } @@ -2486,7 +2486,7 @@ static bool srv_io_srv_file_ctr(const char *desc, SRV_FILE_INFO_CTR *ctr, prs_st break; } default: - DEBUG(5,("%s no file info at switch_value %d\n", tab_depth(depth), ctr->level)); + DEBUG(5,("%s no file info at switch_value %d\n", tab_depth(5,depth), ctr->level)); break; } @@ -2839,7 +2839,7 @@ static bool srv_io_info_ctr(const char *desc, SRV_INFO_CTR *ctr, prs_struct *ps, break; default: DEBUG(5,("%s no server info at switch_value %d\n", - tab_depth(depth), ctr->switch_value)); + tab_depth(5,depth), ctr->switch_value)); break; } if(!prs_align(ps)) |