diff options
-rw-r--r-- | source3/auth/auth_unix.c | 3 | ||||
-rw-r--r-- | source3/lib/substitute.c | 26 | ||||
-rw-r--r-- | source3/lib/username.c | 49 | ||||
-rw-r--r-- | source3/param/loadparm.c | 6 | ||||
-rw-r--r-- | source3/passdb/pdb_interface.c | 3 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 8 | ||||
-rw-r--r-- | source3/smbd/chgpasswd.c | 6 | ||||
-rw-r--r-- | source3/smbd/map_username.c | 2 | ||||
-rw-r--r-- | source3/smbd/password.c | 5 | ||||
-rw-r--r-- | source3/smbd/service.c | 11 | ||||
-rw-r--r-- | source3/utils/net_rpc_samsync.c | 4 | ||||
-rw-r--r-- | source3/winbindd/idmap_nss.c | 10 |
12 files changed, 67 insertions, 66 deletions
diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 4fca5bcbe4..58c765226d 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -92,7 +92,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, struct passwd *pass = NULL; become_root(); - pass = Get_Pwnam(user_info->internal_username); + pass = Get_Pwnam_alloc(talloc_tos(), user_info->internal_username); /** @todo This call assumes a ASCII password, no charset transformation is @@ -123,6 +123,7 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context, } } + TALLOC_FREE(pass); return nt_status; } diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c index e06917c8fb..80feee9579 100644 --- a/source3/lib/substitute.c +++ b/source3/lib/substitute.c @@ -408,7 +408,7 @@ static const char *automount_path(const char *user_name) /* use the passwd entry as the default */ /* this will be the default if WITH_AUTOMOUNT is not used or fails */ - server_path = talloc_strdup(ctx, get_user_home_dir(user_name)); + server_path = talloc_strdup(ctx, get_user_home_dir(ctx, user_name)); if (!server_path) { return ""; } @@ -541,7 +541,6 @@ char *alloc_sub_basic(const char *smb_name, const char *domain_name, { char *b, *p, *s, *r, *a_string; fstring pidstr, vnnstr; - struct passwd *pass; char addr[INET6_ADDRSTRLEN]; const char *local_machine_name = get_local_machine_name(); @@ -571,15 +570,21 @@ char *alloc_sub_basic(const char *smb_name, const char *domain_name, } a_string = realloc_string_sub(a_string, "%U", r); break; - case 'G' : + case 'G' : { + struct passwd *pass; r = SMB_STRDUP(smb_name); if (r == NULL) { goto error; } - if ((pass = Get_Pwnam(r))!=NULL) { - a_string = realloc_string_sub(a_string, "%G", gidtoname(pass->pw_gid)); - } + pass = Get_Pwnam_alloc(talloc_tos(), r); + if (pass != NULL) { + a_string = realloc_string_sub( + a_string, "%G", + gidtoname(pass->pw_gid)); + } + TALLOC_FREE(pass); break; + } case 'D' : r = strdup_upper(domain_name); if (r == NULL) { @@ -766,7 +771,7 @@ static char *alloc_sub_advanced(const char *servicename, const char *user, const char *str) { char *a_string, *ret_string; - char *b, *p, *s, *h; + char *b, *p, *s; a_string = SMB_STRDUP(str); if (a_string == NULL) { @@ -782,10 +787,13 @@ static char *alloc_sub_advanced(const char *servicename, const char *user, case 'N' : a_string = realloc_string_sub(a_string, "%N", automount_server(user)); break; - case 'H': - if ((h = get_user_home_dir(user))) + case 'H': { + char *h; + if ((h = get_user_home_dir(talloc_tos(), user))) a_string = realloc_string_sub(a_string, "%H", h); + TALLOC_FREE(h); break; + } case 'P': a_string = realloc_string_sub(a_string, "%P", connectpath); break; diff --git a/source3/lib/username.c b/source3/lib/username.c index 21eed9f5fc..3087bac0f4 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -32,19 +32,24 @@ static struct passwd *uname_string_combinations2(char *s, TALLOC_CTX *mem_ctx, i Get a users home directory. ****************************************************************************/ -char *get_user_home_dir(const char *user) +char *get_user_home_dir(TALLOC_CTX *mem_ctx, const char *user) { - static struct passwd *pass; + struct passwd *pass; + char *result; /* Ensure the user exists. */ - pass = Get_Pwnam(user); + pass = Get_Pwnam_alloc(mem_ctx, user); if (!pass) return(NULL); + /* Return home directory from struct passwd. */ - return(pass->pw_dir); + result = talloc_move(mem_ctx, &pass->pw_dir); + + TALLOC_FREE(pass); + return result; } /**************************************************************************** @@ -55,8 +60,6 @@ char *get_user_home_dir(const char *user) * - using lp_usernamelevel() for permutations. ****************************************************************************/ -static struct passwd *Get_Pwnam_ret = NULL; - static struct passwd *Get_Pwnam_internals(TALLOC_CTX *mem_ctx, const char *user, char *user2) { @@ -134,40 +137,6 @@ struct passwd *Get_Pwnam_alloc(TALLOC_CTX *mem_ctx, const char *user) return ret; } -/**************************************************************************** - Get_Pwnam wrapper without modification. - NOTE: This with NOT modify 'user'! -****************************************************************************/ - -struct passwd *Get_Pwnam(const char *user) -{ - struct passwd *ret; - - ret = Get_Pwnam_alloc(NULL, user); - - /* This call used to just return the 'passwd' static buffer. - This could then have accidental reuse implications, so - we now malloc a copy, and free it in the next use. - - This should cause the (ab)user to segfault if it - uses an old struct. - - This is better than useing the wrong data in security - critical operations. - - The real fix is to make the callers free the returned - malloc'ed data. - */ - - if (Get_Pwnam_ret) { - TALLOC_FREE(Get_Pwnam_ret); - } - - Get_Pwnam_ret = ret; - - return ret; -} - /* The functions below have been taken from password.c and slightly modified */ /**************************************************************************** Apply a function to upper/lower case combinations diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index eea3ecec2b..4eb8a1ce65 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -4702,13 +4702,17 @@ static void lp_add_auto_services(char *str) homes = lp_servicenumber(HOMES_NAME); for (p = strtok(s, LIST_SEP); p; p = strtok(NULL, LIST_SEP)) { - char *home = get_user_home_dir(p); + char *home; if (lp_servicenumber(p) >= 0) continue; + home = get_user_home_dir(talloc_tos(), p); + if (home && homes >= 0) lp_add_home(p, homes, p, home); + + TALLOC_FREE(home); } SAFE_FREE(s); } diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index ed6a91cb2b..198960550b 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1570,11 +1570,12 @@ static bool lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, return True; } - pw = Get_Pwnam(*name); + pw = Get_Pwnam_alloc(talloc_tos(), *name); if (pw == NULL) { return False; } unix_id->uid = pw->pw_uid; + TALLOC_FREE(pw); return True; } TALLOC_FREE(sam_account); diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index cc4b4f330f..1d69cb320e 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3325,7 +3325,8 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, SAM_USER_INFO_23 *id23, return NT_STATUS_ACCESS_DENIED; } - if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) { + passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd)); + if (passwd == NULL) { DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n")); } @@ -3333,6 +3334,7 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, SAM_USER_INFO_23 *id23, TALLOC_FREE(pwd); return NT_STATUS_ACCESS_DENIED; } + TALLOC_FREE(passwd); } } @@ -3406,7 +3408,8 @@ static bool set_user_info_pw(uint8 *pass, struct samu *pwd) return False; } - if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) { + passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd)); + if (passwd == NULL) { DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n")); } @@ -3414,6 +3417,7 @@ static bool set_user_info_pw(uint8 *pass, struct samu *pwd) TALLOC_FREE(pwd); return False; } + TALLOC_FREE(passwd); } } diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index e478122e9b..fb228f9e2a 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -1142,7 +1142,7 @@ NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passw return NT_STATUS_PASSWORD_RESTRICTION; } - pass = Get_Pwnam(username); + pass = Get_Pwnam_alloc(talloc_tos(), username); if (!pass) { DEBUG(1, ("change_oem_password: Username %s does not exist in system !?!\n", username)); return NT_STATUS_ACCESS_DENIED; @@ -1160,6 +1160,7 @@ NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passw if (samr_reject_reason) { *samr_reject_reason = REJECT_REASON_NOT_COMPLEX; } + TALLOC_FREE(pass); return NT_STATUS_PASSWORD_RESTRICTION; } } @@ -1178,9 +1179,12 @@ NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passw if(lp_unix_password_sync() && !chgpasswd(username, pass, old_passwd, new_passwd, as_root)) { + TALLOC_FREE(pass); return NT_STATUS_ACCESS_DENIED; } + TALLOC_FREE(pass); + if (!pdb_set_plaintext_passwd (hnd, new_passwd)) { return NT_STATUS_ACCESS_DENIED; } diff --git a/source3/smbd/map_username.c b/source3/smbd/map_username.c index bde755eff6..7290f70547 100644 --- a/source3/smbd/map_username.c +++ b/source3/smbd/map_username.c @@ -28,7 +28,7 @@ any incoming or new username - in order to canonicalize the name. This is being done to de-couple the case conversions from the user mapping function. Previously, the map_username was being called - every time Get_Pwnam was called. + every time Get_Pwnam_alloc was called. Returns True if username was changed, false otherwise. ********************************************************************/ diff --git a/source3/smbd/password.c b/source3/smbd/password.c index b3005ba082..6b517c3d86 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -837,9 +837,11 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password, /* check for a normal guest connection */ if (!ok && GUEST_OK(snum)) { + struct passwd *guest_pw; fstring guestname; fstrcpy(guestname,lp_guestaccount()); - if (Get_Pwnam(guestname)) { + guest_pw = Get_Pwnam_alloc(talloc_tos(), guestname); + if (guest_pw != NULL) { fstrcpy(user,guestname); ok = True; DEBUG(3,("authorise_login: ACCEPTED: guest account " @@ -848,6 +850,7 @@ bool authorise_login(int snum, fstring user, DATA_BLOB password, DEBUG(0,("authorise_login: Invalid guest account " "%s??\n",guestname)); } + TALLOC_FREE(guest_pw); *guest = True; } diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 88ab9f0048..ed43528c76 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -357,6 +357,7 @@ void load_registry_shares(void) int find_service(fstring service) { int iService; + TALLOC_CTX *frame = talloc_stackframe(); all_string_sub(service,"\\","/",0); @@ -364,7 +365,7 @@ int find_service(fstring service) /* now handle the special case of a home directory */ if (iService < 0) { - char *phome_dir = get_user_home_dir(service); + char *phome_dir = get_user_home_dir(talloc_tos(), service); if(!phome_dir) { /* @@ -372,7 +373,8 @@ int find_service(fstring service) * be a Windows to unix mapped user name. */ if(map_username(service)) - phome_dir = get_user_home_dir(service); + phome_dir = get_user_home_dir( + talloc_tos(), service); } DEBUG(3,("checking for home directory %s gave %s\n",service, @@ -461,6 +463,8 @@ int find_service(fstring service) if (iService < 0) DEBUG(3,("find_service() failed to find service %s\n", service)); + TALLOC_FREE(frame); + return (iService); } @@ -744,11 +748,12 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, *status = NT_STATUS_WRONG_PASSWORD; return NULL; } - pass = Get_Pwnam(user); + pass = Get_Pwnam_alloc(talloc_tos(), user); status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True, &conn->uid, &conn->gid, &found_username, &conn->nt_user_token); + TALLOC_FREE(pass); if (!NT_STATUS_IS_OK(status2)) { conn_free(conn); *status = status2; diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index ca3279ee3a..779006884d 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c @@ -486,7 +486,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) return NT_STATUS_NO_MEMORY; } - if (!(passwd = Get_Pwnam(account))) { + if (!(passwd = Get_Pwnam_alloc(sam_account, account))) { /* Create appropriate user */ if (delta->acb_info & ACB_NORMAL) { add_script = talloc_strdup(sam_account, @@ -525,7 +525,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) } /* try and find the possible unix account again */ - if ( !(passwd = Get_Pwnam(account)) ) { + if ( !(passwd = Get_Pwnam_alloc(sam_account, account)) ) { d_fprintf(stderr, "Could not create posix account info for '%s'\n", account); nt_ret = NT_STATUS_NO_SUCH_USER; goto done; diff --git a/source3/winbindd/idmap_nss.c b/source3/winbindd/idmap_nss.c index fa9f2c9681..46c24d7fcb 100644 --- a/source3/winbindd/idmap_nss.c +++ b/source3/winbindd/idmap_nss.c @@ -145,7 +145,6 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma } for (i = 0; ids[i]; i++) { - struct passwd *pw; struct group *gr; enum lsa_SidType type; const char *dom_name = NULL; @@ -166,17 +165,20 @@ static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_ma } switch (type) { - case SID_NAME_USER: + case SID_NAME_USER: { + struct passwd *pw; /* this will find also all lower case name and use username level */ - - pw = Get_Pwnam(name); + + pw = Get_Pwnam_alloc(talloc_tos(), name); if (pw) { ids[i]->xid.id = pw->pw_uid; ids[i]->xid.type = ID_TYPE_UID; ids[i]->status = ID_MAPPED; } + TALLOC_FREE(pw); break; + } case SID_NAME_DOM_GRP: case SID_NAME_ALIAS: |