-rw-r--r--source3/auth/auth_util.c27
-rw-r--r--source3/lib/util_str.c74
-rw-r--r--source3/nsswitch/winbindd_pam.c18
-rw-r--r--source3/passdb/pdb_ldap.c3
4 files changed, 101 insertions, 21 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 497f16adf2..eb15fff7c8 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -591,33 +591,36 @@ static NTSTATUS create_nt_user_token(const DOM_SID *user_sid, const DOM_SID *gro
(strlen(lp_log_nt_token_command()) > 0)) {
TALLOC_CTX *mem_ctx;
char *command;
- fstring sidstr;
- char *user_sidstr, *group_sidstr;
+ char *group_sidstr;
mem_ctx = talloc_init("setnttoken");
if (mem_ctx == NULL)
return NT_STATUS_NO_MEMORY;
- sid_to_string(sidstr, &ptoken->user_sids[0]);
- user_sidstr = talloc_strdup(mem_ctx, sidstr);
-
group_sidstr = talloc_strdup(mem_ctx, "");
for (i=1; i<ptoken->num_sids; i++) {
- sid_to_string(sidstr, &ptoken->user_sids[i]);
- group_sidstr = talloc_asprintf(mem_ctx, "%s %s",
- group_sidstr, sidstr);
+ group_sidstr = talloc_asprintf(
+ mem_ctx, "%s %s", group_sidstr,
+ sid_string_static(&ptoken->user_sids[i]));
+ }
+
+ command = talloc_string_sub(
+ mem_ctx, lp_log_nt_token_command(),
+ "%s", sid_string_static(&ptoken->user_sids[0]));
+ command = talloc_string_sub(
+ mem_ctx, command, "%t", group_sidstr);
+
+ if (command == NULL) {
+ talloc_destroy(mem_ctx);
+ return NT_STATUS_NO_MEMORY;
}
- command = SMB_STRDUP(lp_log_nt_token_command());
- command = realloc_string_sub(command, "%s", user_sidstr);
- command = realloc_string_sub(command, "%t", group_sidstr);
DEBUG(8, ("running command: [%s]\n", command));
if (smbrun(command, NULL) != 0) {
DEBUG(0, ("Could not log NT token\n"));
nt_status = NT_STATUS_ACCESS_DENIED;
}
talloc_destroy(mem_ctx);
- SAFE_FREE(command);
}
*token = ptoken;
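Review bot: The result of `talloc_asprintf` in the group-SID loop is never checked, so a failed allocation in the middle of the loop passes a NULL `group_sidstr` to the next iteration's `%s`. That is undefined behaviour for the format call, and the string later given to `smbrun` may no longer describe the real token. The later `command == NULL` test only catches a failure on the last iteration, so add `if (group_sidstr == NULL) { talloc_destroy(mem_ctx); return NT_STATUS_NO_MEMORY; }` directly after the call. create_nt_user_token starts and ends outside the hunk, so whether `ptoken` is released on these early returns cannot be confirmed from here.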
diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index 9b14dcfaf0..80bb2ff2ad 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -1003,7 +1003,8 @@ void pstring_sub(char *s,const char *pattern,const char *insert)
as string.
**/
-char *realloc_string_sub(char *string, const char *pattern, const char *insert)
+char *realloc_string_sub(char *string, const char *pattern,
+ const char *insert)
{
char *p, *in;
char *s;
@@ -1063,6 +1064,77 @@ char *realloc_string_sub(char *string, const char *pattern, const char *insert)
return string;
}
+/* Same as string_sub, but returns a talloc'ed string */
+
+char *talloc_string_sub(TALLOC_CTX *mem_ctx, const char *src,
+ const char *pattern, const char *insert)
+{
+ char *p, *in;
+ char *s;
+ char *string;
+ ssize_t ls,lp,li,ld, i;
+
+ if (!insert || !pattern || !*pattern || !src || !*src)
+ return NULL;
+
+ string = talloc_strdup(mem_ctx, src);
+ if (string == NULL) {
+ DEBUG(0, ("talloc_strdup failed\n"));
+ return NULL;
+ }
+
+ s = string;
+
+ in = SMB_STRDUP(insert);
+ if (!in) {
+ DEBUG(0, ("talloc_string_sub: out of memory!\n"));
+ return NULL;
+ }
+ ls = (ssize_t)strlen(s);
+ lp = (ssize_t)strlen(pattern);
+ li = (ssize_t)strlen(insert);
+ ld = li - lp;
+ for (i=0;i<li;i++) {
+ switch (in[i]) {
+ case '`':
+ case '"':
+ case '\'':
+ case ';':
+ case '$':
+ case '%':
+ case '\r':
+ case '\n':
+ in[i] = '_';
+ default:
+ /* ok */
+ break;
+ }
+ }
+
+ while ((p = strstr_m(s,pattern))) {
+ if (ld > 0) {
+ int offset = PTR_DIFF(s,string);
+ char *t = TALLOC_REALLOC(mem_ctx, string, ls + ld + 1);
+ if (!t) {
+ DEBUG(0, ("talloc_string_sub: out of "
+ "memory!\n"));
+ SAFE_FREE(in);
+ return NULL;
+ }
+ string = t;
+ p = t + offset + (p - s);
+ }
+ if (li != lp) {
+ memmove(p+li,p+lp,strlen(p+lp)+1);
+ }
+ memcpy(p, in, li);
+ s = p + li;
+ ls += ld;
+ }
+ SAFE_FREE(in);
+ return string;
+}
+
/**
Similar to string_sub() but allows for any character to be substituted.
Use with caution!
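Review bot: The header comment `Same as string_sub, but returns a talloc'ed string` omits two behaviours callers rely on. Backquote, both quote characters, `;`, `$`, `%`, CR and LF in `insert` are rewritten to `_`, and NULL is returned for an empty `src` or `pattern` as well as for allocation failure. A doc comment should say so, and should note that the replacement list is aimed at shell command strings and is not a general escaping routine for other sinks. Separately, the failure paths after `SMB_STRDUP` and after `TALLOC_REALLOC` return without releasing `string`, which stays attached to `mem_ctx`; adding `talloc_free(string);` before each `return NULL;` avoids that on long-lived contexts.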
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index e683f397b6..1d9b77afee 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -419,16 +419,21 @@ done:
if ( NT_STATUS_IS_OK(result) &&
(state->request.flags & WBFLAG_PAM_AFS_TOKEN) ) {
- char *afsname = SMB_STRDUP(lp_afs_username_map());
+ char *afsname = talloc_strdup(state->mem_ctx,
+ lp_afs_username_map());
char *cell;
if (afsname == NULL) {
goto no_token;
}
- afsname = realloc_string_sub(afsname, "%D", name_domain);
- afsname = realloc_string_sub(afsname, "%u", name_user);
- afsname = realloc_string_sub(afsname, "%U", name_user);
+ afsname = talloc_string_sub(state->mem_ctx,
+ lp_afs_username_map(),
+ "%D", name_domain);
+ afsname = talloc_string_sub(state->mem_ctx, afsname,
+ "%u", name_user);
+ afsname = talloc_string_sub(state->mem_ctx, afsname,
+ "%U", name_user);
{
DOM_SID user_sid;
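Review bot: The `talloc_strdup` copy assigned to `afsname` is orphaned as soon as the first `talloc_string_sub` call overwrites the pointer, because that call reads `lp_afs_username_map()` again instead of using `afsname`. Every later substitution likewise allocates a fresh string on `state->mem_ctx` and drops the previous one, while `talloc_free(afsname)` at `no_token` releases only the last; the `%s` substitution in the following hunk has the same pattern. Either drop the initial `talloc_strdup` and check the first `talloc_string_sub` result, or free each intermediate once the next copy exists. Because `talloc_string_sub` returns NULL for an empty source, an empty map setting now passes this NULL check and is only caught by the later `afsname == NULL` test. The enclosing block continues outside the hunk.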
@@ -437,7 +442,8 @@ done:
sid_copy(&user_sid, &info3.dom_sid.sid);
sid_append_rid(&user_sid, info3.user_rid);
sid_to_string(sidstr, &user_sid);
- afsname = realloc_string_sub(afsname, "%s", sidstr);
+ afsname = talloc_string_sub(state->mem_ctx, afsname,
+ "%s", sidstr);
}
if (afsname == NULL) {
@@ -466,7 +472,7 @@ done:
strlen(state->response.extra_data)+1;
no_token:
- SAFE_FREE(afsname);
+ talloc_free(afsname);
}
return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 20cf2d328e..cb0bc8eeb6 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -3708,8 +3708,7 @@ char *get_ldap_filter(TALLOC_CTX *mem_ctx, const char *username)
escaped = escape_ldap_string_alloc(username);
if (escaped == NULL) goto done;
- filter = realloc_string_sub(filter, "%u", username);
- result = talloc_strdup(mem_ctx, filter);
+ result = talloc_string_sub(mem_ctx, filter, "%u", username);
done:
SAFE_FREE(filter);
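Review bot: `escaped` is allocated and NULL-checked two lines above, yet the substitution still inserts the raw `username` into the filter. The character replacement inside `talloc_string_sub` covers shell-oriented characters only, so LDAP filter metacharacters such as `*`, `(`, `)` and `\` reach the search filter unchanged. Unless `escaped` is consumed somewhere outside this hunk, the call should read `result = talloc_string_sub(mem_ctx, filter, "%u", escaped);`. get_ldap_filter begins and ends outside the hunk, so the release of `escaped` on the `done:` path cannot be confirmed from here.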