summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/auth/credentials/pycredentials.c48
-rw-r--r--source4/auth/gensec/gensec_gssapi.c2
-rw-r--r--source4/auth/pyauth.c40
-rw-r--r--source4/lib/registry/pyregistry.c37
-rw-r--r--source4/param/provision.c2
-rw-r--r--source4/scripting/python/pyglue.c4
-rw-r--r--source4/scripting/python/samba/provision.py3
7 files changed, 111 insertions, 25 deletions
diff --git a/source4/auth/credentials/pycredentials.c b/source4/auth/credentials/pycredentials.c
index e1a74037ec..879d906d6f 100644
--- a/source4/auth/credentials/pycredentials.c
+++ b/source4/auth/credentials/pycredentials.c
@@ -207,6 +207,7 @@ static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args)
{
PyObject *py_lp_ctx = Py_None;
struct loadparm_context *lp_ctx;
+ TALLOC_CTX *mem_ctx;
struct cli_credentials *creds;
creds = PyCredentials_AsCliCredentials(self);
@@ -214,13 +215,21 @@ static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args)
if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
- if (lp_ctx == NULL)
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+ if (lp_ctx == NULL) {
+ talloc_free(mem_ctx);
+ return NULL;
+ }
cli_credentials_guess(creds, lp_ctx);
- talloc_free(lp_ctx);
+ talloc_free(mem_ctx);
Py_RETURN_NONE;
}
@@ -231,18 +240,27 @@ static PyObject *py_creds_set_machine_account(py_talloc_Object *self, PyObject *
struct loadparm_context *lp_ctx;
NTSTATUS status;
struct cli_credentials *creds;
+ TALLOC_CTX *mem_ctx;
creds = PyCredentials_AsCliCredentials(self);
if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
- if (lp_ctx == NULL)
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+ if (lp_ctx == NULL) {
+ talloc_free(mem_ctx);
+ return NULL;
+ }
status = cli_credentials_set_machine_account(creds, lp_ctx);
- talloc_free(lp_ctx);
+ talloc_free(mem_ctx);
PyErr_NTSTATUS_IS_ERR_RAISE(status);
@@ -278,29 +296,39 @@ static PyObject *py_creds_get_named_ccache(py_talloc_Object *self, PyObject *arg
int ret;
const char *error_string;
struct cli_credentials *creds;
+ TALLOC_CTX *mem_ctx;
creds = PyCredentials_AsCliCredentials(self);
if (!PyArg_ParseTuple(args, "|Os", &py_lp_ctx, &ccache_name))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
- if (lp_ctx == NULL)
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+ if (lp_ctx == NULL) {
+ talloc_free(mem_ctx);
return NULL;
+ }
- event_ctx = tevent_context_init(NULL);
+ event_ctx = tevent_context_init(mem_ctx);
ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx,
ccache_name, &ccc, &error_string);
talloc_free(lp_ctx);
if (ret == 0) {
talloc_steal(ccc, event_ctx);
+ talloc_free(mem_ctx);
return PyCredentialCacheContainer_from_ccache_container(ccc);
}
PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL");
- talloc_free(event_ctx);
+ talloc_free(mem_ctx);
return NULL;
}
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index f28ab95dbd..d2f19e961e 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -360,7 +360,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
hostname, lpcfg_realm(gensec_security->settings->lp_ctx));
name_type = GSS_C_NT_USER_NAME;
- }
+ }
name_token.value = discard_const_p(uint8_t, principal);
name_token.length = strlen(principal);
diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c
index a66411bb4a..c2a5e408c7 100644
--- a/source4/auth/pyauth.c
+++ b/source4/auth/pyauth.c
@@ -43,16 +43,25 @@ static PyObject *py_system_session(PyObject *module, PyObject *args)
PyObject *py_lp_ctx = Py_None;
struct loadparm_context *lp_ctx = NULL;
struct auth_session_info *session;
+ TALLOC_CTX *mem_ctx;
if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
- if (lp_ctx == NULL)
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+ if (lp_ctx == NULL) {
+ talloc_free(mem_ctx);
+ return NULL;
+ }
session = system_session(lp_ctx);
- talloc_free(lp_ctx);
+ talloc_free(mem_ctx);
return PyAuthSession_FromSession(session);
}
@@ -65,17 +74,32 @@ static PyObject *py_admin_session(PyObject *module, PyObject *args)
struct loadparm_context *lp_ctx = NULL;
struct auth_session_info *session;
struct dom_sid *domain_sid = NULL;
+ TALLOC_CTX *mem_ctx;
+
if (!PyArg_ParseTuple(args, "OO", &py_lp_ctx, &py_sid))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
- if (lp_ctx == NULL)
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
return NULL;
+ }
- domain_sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
- session = admin_session(NULL, lp_ctx, domain_sid);
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+ if (lp_ctx == NULL) {
+ talloc_free(mem_ctx);
+ return NULL;
+ }
- talloc_free(lp_ctx);
+ domain_sid = dom_sid_parse_talloc(mem_ctx, PyString_AsString(py_sid));
+ if (domain_sid == NULL) {
+ PyErr_Format(PyExc_RuntimeError, "Unable to parse sid %s",
+ PyString_AsString(py_sid));
+ talloc_free(mem_ctx);
+ return NULL;
+ }
+ session = admin_session(NULL, lp_ctx, domain_sid);
+ talloc_free(mem_ctx);
return PyAuthSession_FromSession(session);
}
diff --git a/source4/lib/registry/pyregistry.c b/source4/lib/registry/pyregistry.c
index 1373ed87ca..9952ed3494 100644
--- a/source4/lib/registry/pyregistry.c
+++ b/source4/lib/registry/pyregistry.c
@@ -253,6 +253,7 @@ static PyObject *py_open_hive(PyTypeObject *type, PyObject *args, PyObject *kwar
struct cli_credentials *credentials;
char *location;
struct hive_key *hive_key;
+ TALLOC_CTX *mem_ctx;
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|OOO",
discard_const_p(char *, kwnames),
@@ -261,15 +262,23 @@ static PyObject *py_open_hive(PyTypeObject *type, PyObject *args, PyObject *kwar
&py_credentials))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
if (lp_ctx == NULL) {
PyErr_SetString(PyExc_TypeError, "Expected loadparm context");
+ talloc_free(mem_ctx);
return NULL;
}
credentials = cli_credentials_from_py_object(py_credentials);
if (credentials == NULL) {
PyErr_SetString(PyExc_TypeError, "Expected credentials");
+ talloc_free(mem_ctx);
return NULL;
}
session_info = NULL;
@@ -277,6 +286,7 @@ static PyObject *py_open_hive(PyTypeObject *type, PyObject *args, PyObject *kwar
result = reg_open_hive(NULL, location, session_info, credentials,
tevent_context_init(NULL),
lp_ctx, &hive_key);
+ talloc_free(mem_ctx);
PyErr_WERROR_IS_ERR_RAISE(result);
return py_talloc_steal(&PyHiveKey, hive_key);
@@ -307,21 +317,31 @@ static PyObject *py_open_samba(PyObject *self, PyObject *args, PyObject *kwargs)
PyObject *py_lp_ctx, *py_session_info, *py_credentials;
struct auth_session_info *session_info;
struct cli_credentials *credentials;
+ TALLOC_CTX *mem_ctx;
+
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|OOO",
discard_const_p(char *, kwnames),
&py_lp_ctx, &py_session_info,
&py_credentials))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
if (lp_ctx == NULL) {
PyErr_SetString(PyExc_TypeError, "Expected loadparm context");
+ talloc_free(mem_ctx);
return NULL;
}
credentials = cli_credentials_from_py_object(py_credentials);
if (credentials == NULL) {
PyErr_SetString(PyExc_TypeError, "Expected credentials");
+ talloc_free(mem_ctx);
return NULL;
}
@@ -329,6 +349,7 @@ static PyObject *py_open_samba(PyObject *self, PyObject *args, PyObject *kwargs)
result = reg_open_samba(NULL, &reg_ctx, NULL,
lp_ctx, session_info, credentials);
+ talloc_free(mem_ctx);
if (!W_ERROR_IS_OK(result)) {
PyErr_SetWERROR(result);
return NULL;
@@ -377,6 +398,7 @@ static PyObject *py_open_ldb_file(PyObject *self, PyObject *args, PyObject *kwar
struct cli_credentials *credentials;
struct hive_key *key;
struct auth_session_info *session_info;
+ TALLOC_CTX *mem_ctx;
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|OOO",
discard_const_p(char *, kwnames),
@@ -384,15 +406,23 @@ static PyObject *py_open_ldb_file(PyObject *self, PyObject *args, PyObject *kwar
&py_credentials, &py_lp_ctx))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
if (lp_ctx == NULL) {
PyErr_SetString(PyExc_TypeError, "Expected loadparm context");
+ talloc_free(mem_ctx);
return NULL;
}
credentials = cli_credentials_from_py_object(py_credentials);
if (credentials == NULL) {
PyErr_SetString(PyExc_TypeError, "Expected credentials");
+ talloc_free(mem_ctx);
return NULL;
}
@@ -400,6 +430,7 @@ static PyObject *py_open_ldb_file(PyObject *self, PyObject *args, PyObject *kwar
result = reg_open_ldb_file(NULL, location, session_info, credentials,
s4_event_context_init(NULL), lp_ctx, &key);
+ talloc_free(mem_ctx);
PyErr_WERROR_IS_ERR_RAISE(result);
return py_talloc_steal(&PyHiveKey, key);
diff --git a/source4/param/provision.c b/source4/param/provision.c
index 593f9ff168..fd97f69cb3 100644
--- a/source4/param/provision.c
+++ b/source4/param/provision.c
@@ -198,7 +198,7 @@ NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
DEBUG(0, ("Missing 'lp' attribute"));
return NT_STATUS_UNSUCCESSFUL;
}
- result->lp_ctx = lpcfg_from_py_object(result, py_lp_ctx);
+ result->lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
result->samdb = PyLdb_AsLdbContext(PyObject_GetAttrString(py_result, "samdb"));
return NT_STATUS_OK;
diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c
index 2afd1fa010..627443dee5 100644
--- a/source4/scripting/python/pyglue.c
+++ b/source4/scripting/python/pyglue.c
@@ -131,6 +131,10 @@ static PyObject *py_interface_ips(PyObject *self, PyObject *args)
return NULL;
tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
lp_ctx = lpcfg_from_py_object(tmp_ctx, py_lp_ctx);
if (lp_ctx == NULL) {
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index ef5852090f..6429251850 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1491,7 +1491,6 @@ def provision(setup_dir, logger, session_info,
lp=lp)
share_ldb.load_ldif_file_add(setup_path("share.ldif"))
-
logger.info("Setting up secrets.ldb")
secrets_ldb = setup_secretsdb(paths.secrets, setup_path,
session_info=session_info,
@@ -1623,7 +1622,7 @@ def provision(setup_dir, logger, session_info,
provision_backend.post_setup()
provision_backend.shutdown()
-
+
create_phpldapadmin_config(paths.phpldapadminconfig, setup_path,
ldapi_url)
except: