diff options
-rw-r--r-- | source3/nsswitch/wb_client.c | 2 | ||||
-rw-r--r-- | source3/passdb/lookup_sid.c | 125 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 2 | ||||
-rw-r--r-- | source3/passdb/pdb_interface.c | 6 | ||||
-rw-r--r-- | source3/passdb/util_builtin.c | 2 | ||||
-rw-r--r-- | source3/passdb/util_wellknown.c | 4 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 7 | ||||
-rw-r--r-- | source3/smbd/lanman.c | 2 |
8 files changed, 79 insertions, 71 deletions
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c index 6fe55e1209..0e49cd31f3 100644 --- a/source3/nsswitch/wb_client.c +++ b/source3/nsswitch/wb_client.c @@ -65,7 +65,7 @@ BOOL winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid, /* Call winbindd to convert sid to name */ BOOL winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - char **domain, char **name, + const char **domain, const char **name, enum SID_NAME_USE *name_type) { struct winbindd_request request; diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index bad5d278ae..4640eb6ae5 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -31,25 +31,32 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, const char *full_name, int flags, - char **ret_domain, char **ret_name, + const char **ret_domain, const char **ret_name, DOM_SID *ret_sid, enum SID_NAME_USE *ret_type) { - char *p, *tmp; - char *domain = NULL; - char *name = NULL; + char *p; + const char *tmp; + const char *domain = NULL; + const char *name = NULL; uint32 rid; DOM_SID sid; enum SID_NAME_USE type; + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + + if (tmp_ctx == NULL) { + DEBUG(0, ("talloc_new failed\n")); + return False; + } p = strchr_m(full_name, '\\'); if (p != NULL) { - domain = talloc_strndup(mem_ctx, full_name, + domain = talloc_strndup(tmp_ctx, full_name, PTR_DIFF(p, full_name)); - name = talloc_strdup(mem_ctx, p+1); + name = talloc_strdup(tmp_ctx, p+1); } else { - domain = talloc_strdup(mem_ctx, ""); - name = talloc_strdup(mem_ctx, full_name); + domain = talloc_strdup(tmp_ctx, ""); + name = talloc_strdup(tmp_ctx, full_name); } if ((domain == NULL) || (name == NULL)) { @@ -65,7 +72,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, sid_append_rid(&sid, rid); goto ok; } - return False; + goto failed; } if (strequal(domain, builtin_domain_name())) { @@ -77,7 +84,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, type = SID_NAME_ALIAS; goto ok; } - return False; + goto failed; } if (domain[0] != '\0') { @@ -86,11 +93,11 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (winbind_lookup_name(domain, name, &sid, &type)) { goto ok; } - return False; + goto failed; } if (!(flags & LOOKUP_NAME_ISOLATED)) { - return False; + goto failed; } /* Now the guesswork begins, we haven't been given an explicit @@ -101,9 +108,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, /* 1. well-known names */ { - tmp = domain; - if (lookup_wellknown_name(mem_ctx, name, &sid, &domain)) { - talloc_free(tmp); + if (lookup_wellknown_name(tmp_ctx, name, &sid, &domain)) { type = SID_NAME_WKN_GRP; goto ok; } @@ -124,7 +129,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (strequal(name, get_global_sam_name())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch my SID\n")); - return False; + goto failed; } /* Swap domain and name */ tmp = name; name = domain; domain = tmp; @@ -137,7 +142,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (!IS_DC && strequal(name, lp_workgroup())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch the domain SID\n")); - return False; + goto failed; } /* Swap domain and name */ tmp = name; name = domain; domain = tmp; @@ -159,7 +164,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, /* 6. Builtin aliases */ if (lookup_builtin_name(name, &rid)) { - domain = talloc_strdup(mem_ctx, builtin_domain_name()); + domain = talloc_strdup(tmp_ctx, builtin_domain_name()); sid_copy(&sid, &global_sid_Builtin); sid_append_rid(&sid, rid); type = SID_NAME_ALIAS; @@ -172,7 +177,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, /* Both cases are done by looking at our passdb */ if (lookup_global_sam_name(name, &rid, &type)) { - domain = talloc_strdup(mem_ctx, get_global_sam_name()); + domain = talloc_strdup(tmp_ctx, get_global_sam_name()); sid_copy(&sid, get_global_sam_sid()); sid_append_rid(&sid, rid); goto ok; @@ -181,7 +186,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, /* Now our local possibilities are exhausted. */ if (!(flags & LOOKUP_NAME_REMOTE)) { - return False; + goto failed; } /* If we are not a DC, we have to ask in our primary domain. Let @@ -189,7 +194,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (!IS_DC && (winbind_lookup_name(lp_workgroup(), name, &sid, &type))) { - domain = talloc_strdup(mem_ctx, lp_workgroup()); + domain = talloc_strdup(tmp_ctx, lp_workgroup()); goto ok; } @@ -209,8 +214,6 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, goto ok; } - talloc_free(domain); - /* Here we have to cope with a little deficiency in the * winbind API: We have to ask it again for the name of the * domain it figured out itself. Maybe fix that later... */ @@ -218,40 +221,36 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, sid_copy(&dom_sid, &sid); sid_split_rid(&dom_sid, &tmp_rid); - if (!winbind_lookup_sid(mem_ctx, &dom_sid, &domain, NULL, + if (!winbind_lookup_sid(tmp_ctx, &dom_sid, &domain, NULL, &domain_type) || (domain_type != SID_NAME_DOMAIN)) { - DEBUG(2, ("winbind could not find the domain's name it " - "just looked up for us\n")); - return False; + DEBUG(2, ("winbind could not find the domain's name " + "it just looked up for us\n")); + goto failed; } - - talloc_free(domain); goto ok; } /* 10. Don't translate */ - + failed: + talloc_free(tmp_ctx); return False; ok: if ((domain == NULL) || (name == NULL)) { DEBUG(0, ("talloc failed\n")); + talloc_free(tmp_ctx); return False; } - strupper_m(domain); - if (ret_name != NULL) { - *ret_name = name; - } else { - talloc_free(name); + *ret_name = talloc_steal(mem_ctx, name); } if (ret_domain != NULL) { - *ret_domain = domain; - } else { - talloc_free(domain); + char *tmp_dom = talloc_strdup(tmp_ctx, domain); + strupper_m(tmp_dom); + *ret_domain = talloc_steal(mem_ctx, tmp_dom); } if (ret_sid != NULL) { @@ -262,6 +261,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, *ret_type = type; } + talloc_free(tmp_ctx); return True; } @@ -271,18 +271,25 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, *****************************************************************/ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - char **ret_domain, char **ret_name, + const char **ret_domain, const char **ret_name, enum SID_NAME_USE *ret_type) { - char *domain = NULL; - char *name = NULL; + const char *domain = NULL; + const char *name = NULL; enum SID_NAME_USE type; + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + /* Check if this is our own sid. This should perhaps be done by winbind? For the moment handle it here. */ + if (tmp_ctx == NULL) { + DEBUG(0, ("talloc_new failed\n")); + return False; + } + if (sid_check_is_domain(sid)) { - domain = talloc_strdup(mem_ctx, get_global_sam_name()); - name = talloc_strdup(mem_ctx, ""); + domain = talloc_strdup(tmp_ctx, get_global_sam_name()); + name = talloc_strdup(tmp_ctx, ""); type = SID_NAME_DOMAIN; goto ok; } @@ -292,20 +299,20 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, SMB_ASSERT(sid_peek_rid(sid, &rid)); /* For our own domain passdb is responsible */ - if (!lookup_global_sam_rid(mem_ctx, rid, &name, &type)) { - return False; + if (!lookup_global_sam_rid(tmp_ctx, rid, &name, &type)) { + goto failed; } - domain = talloc_strdup(mem_ctx, get_global_sam_name()); + domain = talloc_strdup(tmp_ctx, get_global_sam_name()); goto ok; } if (sid_check_is_builtin(sid)) { - domain = talloc_strdup(mem_ctx, builtin_domain_name()); + domain = talloc_strdup(tmp_ctx, builtin_domain_name()); /* Yes, W2k3 returns "BUILTIN" both as domain and name here */ - name = talloc_strdup(mem_ctx, builtin_domain_name()); + name = talloc_strdup(tmp_ctx, builtin_domain_name()); type = SID_NAME_DOMAIN; goto ok; } @@ -315,55 +322,55 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, SMB_ASSERT(sid_peek_rid(sid, &rid)); - if (!lookup_builtin_rid(mem_ctx, rid, &name)) { - return False; + if (!lookup_builtin_rid(tmp_ctx, rid, &name)) { + goto failed; } /* There's only aliases in S-1-5-32 */ type = SID_NAME_ALIAS; - domain = talloc_strdup(mem_ctx, builtin_domain_name()); + domain = talloc_strdup(tmp_ctx, builtin_domain_name()); goto ok; } - if (winbind_lookup_sid(mem_ctx, sid, &domain, &name, &type)) { + if (winbind_lookup_sid(tmp_ctx, sid, &domain, &name, &type)) { goto ok; } DEBUG(10,("lookup_sid: winbind lookup for SID %s failed - trying " "special SIDs.\n", sid_string_static(sid))); - if (lookup_wellknown_sid(mem_ctx, sid, &domain, &name)) { + if (lookup_wellknown_sid(tmp_ctx, sid, &domain, &name)) { type = SID_NAME_WKN_GRP; goto ok; } + failed: DEBUG(10, ("Failed to lookup sid %s\n", sid_string_static(sid))); + talloc_free(tmp_ctx); return False; ok: if ((domain == NULL) || (name == NULL)) { DEBUG(0, ("talloc failed\n")); + talloc_free(tmp_ctx); return False; } if (ret_domain != NULL) { - *ret_domain = domain; - } else { - talloc_free(domain); + *ret_domain = talloc_steal(mem_ctx, domain); } if (ret_name != NULL) { - *ret_name = name; - } else { - talloc_free(name); + *ret_name = talloc_steal(mem_ctx, name); } if (ret_type != NULL) { *ret_type = type; } + talloc_free(tmp_ctx); return True; } diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 3ca26a57c7..006161b663 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -735,7 +735,7 @@ BOOL algorithmic_pdb_rid_is_user(uint32 rid) Look up a rid in the SAM we're responsible for (i.e. passdb) ********************************************************************/ -BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, char **name, +BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name, enum SID_NAME_USE *psid_name_use) { SAM_ACCOUNT *sam_account = NULL; diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 6ac5a3e965..4808af3908 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1691,7 +1691,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, if (sid_check_is_builtin(domain_sid)) { for (i=0; i<num_rids; i++) { - char *name; + const char *name; if (lookup_builtin_rid(names, rids[i], &name)) { attrs[i] = SID_NAME_ALIAS; @@ -1713,7 +1713,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods, } for (i = 0; i < num_rids; i++) { - char *name; + const char *name; if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i])) { names[i] = name; @@ -1772,7 +1772,7 @@ NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods, } for (i = 0; i < num_names; i++) { - char *name; + const char *name; if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i])) { names[i] = name; diff --git a/source3/passdb/util_builtin.c b/source3/passdb/util_builtin.c index e22f5f3f58..12a98d24dd 100644 --- a/source3/passdb/util_builtin.c +++ b/source3/passdb/util_builtin.c @@ -42,7 +42,7 @@ static const struct rid_name_map builtin_aliases[] = { /******************************************************************* Look up a rid in the BUILTIN domain ********************************************************************/ -BOOL lookup_builtin_rid(TALLOC_CTX *mem_ctx, uint32 rid, char **name) +BOOL lookup_builtin_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name) { const struct rid_name_map *aliases = builtin_aliases; diff --git a/source3/passdb/util_wellknown.c b/source3/passdb/util_wellknown.c index b1eb8b4237..8caae3b2a0 100644 --- a/source3/passdb/util_wellknown.c +++ b/source3/passdb/util_wellknown.c @@ -75,7 +75,7 @@ static struct sid_name_map_info special_domains[] = { ***************************************************************************/ BOOL lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, - char **domain, char **name) + const char **domain, const char **name) { int i; DOM_SID dom_sid; @@ -121,7 +121,7 @@ BOOL lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, ***************************************************************************/ BOOL lookup_wellknown_name(TALLOC_CTX *mem_ctx, const char *name, - DOM_SID *sid, char **domain) + DOM_SID *sid, const char **domain) { int i, j; diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 78e9cd6211..6cd673550e 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -96,7 +96,7 @@ static void init_dom_query(DOM_QUERY *d_q, const char *dom_name, DOM_SID *dom_si init_dom_ref - adds a domain if it's not already in, returns the index. ***************************************************************************/ -static int init_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid) +static int init_dom_ref(DOM_R_REF *ref, const char *dom_name, DOM_SID *dom_sid) { int num = 0; @@ -153,7 +153,8 @@ static int init_lsa_rid2s(TALLOC_CTX *mem_ctx, DOM_SID sid; uint32 rid; int dom_idx; - char *full_name, *domain; + char *full_name; + const char *domain; enum SID_NAME_USE type = SID_NAME_UNKNOWN; /* Split name into domain and user component */ @@ -258,7 +259,7 @@ static void init_lsa_trans_names(TALLOC_CTX *ctx, DOM_R_REF *ref, LSA_TRANS_NAME DOM_SID find_sid = sid[i].sid; uint32 rid = 0xffffffff; int dom_idx = -1; - char *name, *domain; + const char *name, *domain; enum SID_NAME_USE type = SID_NAME_UNKNOWN; DEBUG(5, ("init_lsa_trans_names: looking up sid %s\n", diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 90e36e2a83..4778702e7a 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -1894,7 +1894,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para for (i=0; i<num_groups; i++) { - char *grp_name; + const char *grp_name; if ( lookup_sid(sampw->mem_ctx, &sids[i], NULL, &grp_name, NULL) ) { |