summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/nsswitch/wb_client.c2
-rw-r--r--source3/passdb/lookup_sid.c125
-rw-r--r--source3/passdb/passdb.c2
-rw-r--r--source3/passdb/pdb_interface.c6
-rw-r--r--source3/passdb/util_builtin.c2
-rw-r--r--source3/passdb/util_wellknown.c4
-rw-r--r--source3/rpc_server/srv_lsa_nt.c7
-rw-r--r--source3/smbd/lanman.c2
8 files changed, 79 insertions, 71 deletions
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index 6fe55e1209..0e49cd31f3 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -65,7 +65,7 @@ BOOL winbind_lookup_name(const char *dom_name, const char *name, DOM_SID *sid,
/* Call winbindd to convert sid to name */
BOOL winbind_lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- char **domain, char **name,
+ const char **domain, const char **name,
enum SID_NAME_USE *name_type)
{
struct winbindd_request request;
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index bad5d278ae..4640eb6ae5 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -31,25 +31,32 @@
BOOL lookup_name(TALLOC_CTX *mem_ctx,
const char *full_name, int flags,
- char **ret_domain, char **ret_name,
+ const char **ret_domain, const char **ret_name,
DOM_SID *ret_sid, enum SID_NAME_USE *ret_type)
{
- char *p, *tmp;
- char *domain = NULL;
- char *name = NULL;
+ char *p;
+ const char *tmp;
+ const char *domain = NULL;
+ const char *name = NULL;
uint32 rid;
DOM_SID sid;
enum SID_NAME_USE type;
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+
+ if (tmp_ctx == NULL) {
+ DEBUG(0, ("talloc_new failed\n"));
+ return False;
+ }
p = strchr_m(full_name, '\\');
if (p != NULL) {
- domain = talloc_strndup(mem_ctx, full_name,
+ domain = talloc_strndup(tmp_ctx, full_name,
PTR_DIFF(p, full_name));
- name = talloc_strdup(mem_ctx, p+1);
+ name = talloc_strdup(tmp_ctx, p+1);
} else {
- domain = talloc_strdup(mem_ctx, "");
- name = talloc_strdup(mem_ctx, full_name);
+ domain = talloc_strdup(tmp_ctx, "");
+ name = talloc_strdup(tmp_ctx, full_name);
}
if ((domain == NULL) || (name == NULL)) {
@@ -65,7 +72,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
sid_append_rid(&sid, rid);
goto ok;
}
- return False;
+ goto failed;
}
if (strequal(domain, builtin_domain_name())) {
@@ -77,7 +84,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
type = SID_NAME_ALIAS;
goto ok;
}
- return False;
+ goto failed;
}
if (domain[0] != '\0') {
@@ -86,11 +93,11 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
if (winbind_lookup_name(domain, name, &sid, &type)) {
goto ok;
}
- return False;
+ goto failed;
}
if (!(flags & LOOKUP_NAME_ISOLATED)) {
- return False;
+ goto failed;
}
/* Now the guesswork begins, we haven't been given an explicit
@@ -101,9 +108,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
/* 1. well-known names */
{
- tmp = domain;
- if (lookup_wellknown_name(mem_ctx, name, &sid, &domain)) {
- talloc_free(tmp);
+ if (lookup_wellknown_name(tmp_ctx, name, &sid, &domain)) {
type = SID_NAME_WKN_GRP;
goto ok;
}
@@ -124,7 +129,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
if (strequal(name, get_global_sam_name())) {
if (!secrets_fetch_domain_sid(name, &sid)) {
DEBUG(3, ("Could not fetch my SID\n"));
- return False;
+ goto failed;
}
/* Swap domain and name */
tmp = name; name = domain; domain = tmp;
@@ -137,7 +142,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
if (!IS_DC && strequal(name, lp_workgroup())) {
if (!secrets_fetch_domain_sid(name, &sid)) {
DEBUG(3, ("Could not fetch the domain SID\n"));
- return False;
+ goto failed;
}
/* Swap domain and name */
tmp = name; name = domain; domain = tmp;
@@ -159,7 +164,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
/* 6. Builtin aliases */
if (lookup_builtin_name(name, &rid)) {
- domain = talloc_strdup(mem_ctx, builtin_domain_name());
+ domain = talloc_strdup(tmp_ctx, builtin_domain_name());
sid_copy(&sid, &global_sid_Builtin);
sid_append_rid(&sid, rid);
type = SID_NAME_ALIAS;
@@ -172,7 +177,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
/* Both cases are done by looking at our passdb */
if (lookup_global_sam_name(name, &rid, &type)) {
- domain = talloc_strdup(mem_ctx, get_global_sam_name());
+ domain = talloc_strdup(tmp_ctx, get_global_sam_name());
sid_copy(&sid, get_global_sam_sid());
sid_append_rid(&sid, rid);
goto ok;
@@ -181,7 +186,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
/* Now our local possibilities are exhausted. */
if (!(flags & LOOKUP_NAME_REMOTE)) {
- return False;
+ goto failed;
}
/* If we are not a DC, we have to ask in our primary domain. Let
@@ -189,7 +194,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
if (!IS_DC &&
(winbind_lookup_name(lp_workgroup(), name, &sid, &type))) {
- domain = talloc_strdup(mem_ctx, lp_workgroup());
+ domain = talloc_strdup(tmp_ctx, lp_workgroup());
goto ok;
}
@@ -209,8 +214,6 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
goto ok;
}
- talloc_free(domain);
-
/* Here we have to cope with a little deficiency in the
* winbind API: We have to ask it again for the name of the
* domain it figured out itself. Maybe fix that later... */
@@ -218,40 +221,36 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
sid_copy(&dom_sid, &sid);
sid_split_rid(&dom_sid, &tmp_rid);
- if (!winbind_lookup_sid(mem_ctx, &dom_sid, &domain, NULL,
+ if (!winbind_lookup_sid(tmp_ctx, &dom_sid, &domain, NULL,
&domain_type) ||
(domain_type != SID_NAME_DOMAIN)) {
- DEBUG(2, ("winbind could not find the domain's name it "
- "just looked up for us\n"));
- return False;
+ DEBUG(2, ("winbind could not find the domain's name "
+ "it just looked up for us\n"));
+ goto failed;
}
-
- talloc_free(domain);
goto ok;
}
/* 10. Don't translate */
-
+ failed:
+ talloc_free(tmp_ctx);
return False;
ok:
if ((domain == NULL) || (name == NULL)) {
DEBUG(0, ("talloc failed\n"));
+ talloc_free(tmp_ctx);
return False;
}
- strupper_m(domain);
-
if (ret_name != NULL) {
- *ret_name = name;
- } else {
- talloc_free(name);
+ *ret_name = talloc_steal(mem_ctx, name);
}
if (ret_domain != NULL) {
- *ret_domain = domain;
- } else {
- talloc_free(domain);
+ char *tmp_dom = talloc_strdup(tmp_ctx, domain);
+ strupper_m(tmp_dom);
+ *ret_domain = talloc_steal(mem_ctx, tmp_dom);
}
if (ret_sid != NULL) {
@@ -262,6 +261,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
*ret_type = type;
}
+ talloc_free(tmp_ctx);
return True;
}
@@ -271,18 +271,25 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
*****************************************************************/
BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- char **ret_domain, char **ret_name,
+ const char **ret_domain, const char **ret_name,
enum SID_NAME_USE *ret_type)
{
- char *domain = NULL;
- char *name = NULL;
+ const char *domain = NULL;
+ const char *name = NULL;
enum SID_NAME_USE type;
+ TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+
/* Check if this is our own sid. This should perhaps be done by
winbind? For the moment handle it here. */
+ if (tmp_ctx == NULL) {
+ DEBUG(0, ("talloc_new failed\n"));
+ return False;
+ }
+
if (sid_check_is_domain(sid)) {
- domain = talloc_strdup(mem_ctx, get_global_sam_name());
- name = talloc_strdup(mem_ctx, "");
+ domain = talloc_strdup(tmp_ctx, get_global_sam_name());
+ name = talloc_strdup(tmp_ctx, "");
type = SID_NAME_DOMAIN;
goto ok;
}
@@ -292,20 +299,20 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
SMB_ASSERT(sid_peek_rid(sid, &rid));
/* For our own domain passdb is responsible */
- if (!lookup_global_sam_rid(mem_ctx, rid, &name, &type)) {
- return False;
+ if (!lookup_global_sam_rid(tmp_ctx, rid, &name, &type)) {
+ goto failed;
}
- domain = talloc_strdup(mem_ctx, get_global_sam_name());
+ domain = talloc_strdup(tmp_ctx, get_global_sam_name());
goto ok;
}
if (sid_check_is_builtin(sid)) {
- domain = talloc_strdup(mem_ctx, builtin_domain_name());
+ domain = talloc_strdup(tmp_ctx, builtin_domain_name());
/* Yes, W2k3 returns "BUILTIN" both as domain and name here */
- name = talloc_strdup(mem_ctx, builtin_domain_name());
+ name = talloc_strdup(tmp_ctx, builtin_domain_name());
type = SID_NAME_DOMAIN;
goto ok;
}
@@ -315,55 +322,55 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
SMB_ASSERT(sid_peek_rid(sid, &rid));
- if (!lookup_builtin_rid(mem_ctx, rid, &name)) {
- return False;
+ if (!lookup_builtin_rid(tmp_ctx, rid, &name)) {
+ goto failed;
}
/* There's only aliases in S-1-5-32 */
type = SID_NAME_ALIAS;
- domain = talloc_strdup(mem_ctx, builtin_domain_name());
+ domain = talloc_strdup(tmp_ctx, builtin_domain_name());
goto ok;
}
- if (winbind_lookup_sid(mem_ctx, sid, &domain, &name, &type)) {
+ if (winbind_lookup_sid(tmp_ctx, sid, &domain, &name, &type)) {
goto ok;
}
DEBUG(10,("lookup_sid: winbind lookup for SID %s failed - trying "
"special SIDs.\n", sid_string_static(sid)));
- if (lookup_wellknown_sid(mem_ctx, sid, &domain, &name)) {
+ if (lookup_wellknown_sid(tmp_ctx, sid, &domain, &name)) {
type = SID_NAME_WKN_GRP;
goto ok;
}
+ failed:
DEBUG(10, ("Failed to lookup sid %s\n", sid_string_static(sid)));
+ talloc_free(tmp_ctx);
return False;
ok:
if ((domain == NULL) || (name == NULL)) {
DEBUG(0, ("talloc failed\n"));
+ talloc_free(tmp_ctx);
return False;
}
if (ret_domain != NULL) {
- *ret_domain = domain;
- } else {
- talloc_free(domain);
+ *ret_domain = talloc_steal(mem_ctx, domain);
}
if (ret_name != NULL) {
- *ret_name = name;
- } else {
- talloc_free(name);
+ *ret_name = talloc_steal(mem_ctx, name);
}
if (ret_type != NULL) {
*ret_type = type;
}
+ talloc_free(tmp_ctx);
return True;
}
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 3ca26a57c7..006161b663 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -735,7 +735,7 @@ BOOL algorithmic_pdb_rid_is_user(uint32 rid)
Look up a rid in the SAM we're responsible for (i.e. passdb)
********************************************************************/
-BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, char **name,
+BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name,
enum SID_NAME_USE *psid_name_use)
{
SAM_ACCOUNT *sam_account = NULL;
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 6ac5a3e965..4808af3908 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1691,7 +1691,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods,
if (sid_check_is_builtin(domain_sid)) {
for (i=0; i<num_rids; i++) {
- char *name;
+ const char *name;
if (lookup_builtin_rid(names, rids[i], &name)) {
attrs[i] = SID_NAME_ALIAS;
@@ -1713,7 +1713,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods,
}
for (i = 0; i < num_rids; i++) {
- char *name;
+ const char *name;
if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i])) {
names[i] = name;
@@ -1772,7 +1772,7 @@ NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods,
}
for (i = 0; i < num_names; i++) {
- char *name;
+ const char *name;
if (lookup_global_sam_rid(names, rids[i], &name, &attrs[i])) {
names[i] = name;
diff --git a/source3/passdb/util_builtin.c b/source3/passdb/util_builtin.c
index e22f5f3f58..12a98d24dd 100644
--- a/source3/passdb/util_builtin.c
+++ b/source3/passdb/util_builtin.c
@@ -42,7 +42,7 @@ static const struct rid_name_map builtin_aliases[] = {
/*******************************************************************
Look up a rid in the BUILTIN domain
********************************************************************/
-BOOL lookup_builtin_rid(TALLOC_CTX *mem_ctx, uint32 rid, char **name)
+BOOL lookup_builtin_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name)
{
const struct rid_name_map *aliases = builtin_aliases;
diff --git a/source3/passdb/util_wellknown.c b/source3/passdb/util_wellknown.c
index b1eb8b4237..8caae3b2a0 100644
--- a/source3/passdb/util_wellknown.c
+++ b/source3/passdb/util_wellknown.c
@@ -75,7 +75,7 @@ static struct sid_name_map_info special_domains[] = {
***************************************************************************/
BOOL lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
- char **domain, char **name)
+ const char **domain, const char **name)
{
int i;
DOM_SID dom_sid;
@@ -121,7 +121,7 @@ BOOL lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
***************************************************************************/
BOOL lookup_wellknown_name(TALLOC_CTX *mem_ctx, const char *name,
- DOM_SID *sid, char **domain)
+ DOM_SID *sid, const char **domain)
{
int i, j;
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 78e9cd6211..6cd673550e 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -96,7 +96,7 @@ static void init_dom_query(DOM_QUERY *d_q, const char *dom_name, DOM_SID *dom_si
init_dom_ref - adds a domain if it's not already in, returns the index.
***************************************************************************/
-static int init_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
+static int init_dom_ref(DOM_R_REF *ref, const char *dom_name, DOM_SID *dom_sid)
{
int num = 0;
@@ -153,7 +153,8 @@ static int init_lsa_rid2s(TALLOC_CTX *mem_ctx,
DOM_SID sid;
uint32 rid;
int dom_idx;
- char *full_name, *domain;
+ char *full_name;
+ const char *domain;
enum SID_NAME_USE type = SID_NAME_UNKNOWN;
/* Split name into domain and user component */
@@ -258,7 +259,7 @@ static void init_lsa_trans_names(TALLOC_CTX *ctx, DOM_R_REF *ref, LSA_TRANS_NAME
DOM_SID find_sid = sid[i].sid;
uint32 rid = 0xffffffff;
int dom_idx = -1;
- char *name, *domain;
+ const char *name, *domain;
enum SID_NAME_USE type = SID_NAME_UNKNOWN;
DEBUG(5, ("init_lsa_trans_names: looking up sid %s\n",
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 90e36e2a83..4778702e7a 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -1894,7 +1894,7 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
for (i=0; i<num_groups; i++) {
- char *grp_name;
+ const char *grp_name;
if ( lookup_sid(sampw->mem_ctx, &sids[i], NULL, &grp_name,
NULL) ) {