summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/groupdb/mapping.c129
-rw-r--r--source3/groupdb/mapping_ldb.c17
-rw-r--r--source3/groupdb/mapping_tdb.c129
3 files changed, 189 insertions, 86 deletions
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 6f54e3d550..78643da64e 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -171,17 +171,28 @@ bool get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
int smb_create_group(const char *unix_group, gid_t *new_gid)
{
- pstring add_script;
+ char *add_script = NULL;
int ret = -1;
int fd = 0;
-
+
*new_gid = 0;
/* defer to scripts */
-
+
if ( *lp_addgroup_script() ) {
- pstrcpy(add_script, lp_addgroup_script());
- pstring_sub(add_script, "%g", unix_group);
+ TALLOC_CTX *ctx = talloc_tos();
+
+ add_script = talloc_strdup(ctx,
+ lp_addgroup_script());
+ if (!add_script) {
+ return -1;
+ }
+ add_script = talloc_string_sub(ctx,
+ add_script, "%g", unix_group);
+ if (!add_script) {
+ return -1;
+ }
+
ret = smbrun(add_script, &fd);
DEBUG(ret ? 0 : 3,("smb_create_group: Running the command `%s' gave %d\n",add_script,ret));
if (ret == 0) {
@@ -197,7 +208,7 @@ int smb_create_group(const char *unix_group, gid_t *new_gid)
if (read(fd, output, sizeof(output)) > 0) {
*new_gid = (gid_t)strtoul(output, NULL, 10);
}
-
+
close(fd);
}
@@ -209,8 +220,8 @@ int smb_create_group(const char *unix_group, gid_t *new_gid)
if (grp != NULL)
*new_gid = grp->gr_gid;
}
-
- return ret;
+
+ return ret;
}
/****************************************************************************
@@ -219,14 +230,24 @@ int smb_create_group(const char *unix_group, gid_t *new_gid)
int smb_delete_group(const char *unix_group)
{
- pstring del_script;
- int ret;
+ char *del_script = NULL;
+ int ret = -1;
/* defer to scripts */
-
+
if ( *lp_delgroup_script() ) {
- pstrcpy(del_script, lp_delgroup_script());
- pstring_sub(del_script, "%g", unix_group);
+ TALLOC_CTX *ctx = talloc_tos();
+
+ del_script = talloc_strdup(ctx,
+ lp_delgroup_script());
+ if (!del_script) {
+ return -1;
+ }
+ del_script = talloc_string_sub(ctx,
+ del_script, "%g", unix_group);
+ if (!del_script) {
+ return -1;
+ }
ret = smbrun(del_script,NULL);
DEBUG(ret ? 0 : 3,("smb_delete_group: Running the command `%s' gave %d\n",del_script,ret));
if (ret == 0) {
@@ -234,24 +255,36 @@ int smb_delete_group(const char *unix_group)
}
return ret;
}
-
+
return -1;
}
/****************************************************************************
Set a user's primary UNIX group.
****************************************************************************/
+
int smb_set_primary_group(const char *unix_group, const char* unix_user)
{
- pstring add_script;
- int ret;
+ char *add_script = NULL;
+ int ret = -1;
/* defer to scripts */
-
+
if ( *lp_setprimarygroup_script() ) {
- pstrcpy(add_script, lp_setprimarygroup_script());
- all_string_sub(add_script, "%g", unix_group, sizeof(add_script));
- all_string_sub(add_script, "%u", unix_user, sizeof(add_script));
+ TALLOC_CTX *ctx = talloc_tos();
+
+ add_script = talloc_strdup(ctx,
+ lp_setprimarygroup_script());
+ if (!add_script) {
+ return -1;
+ }
+ add_script = talloc_all_string_sub(ctx,
+ add_script,
+ "%g",
+ unix_group);
+ if (!add_script) {
+ return -1;
+ }
ret = smbrun(add_script,NULL);
flush_pwnam_cache();
DEBUG(ret ? 0 : 3,("smb_set_primary_group: "
@@ -271,15 +304,29 @@ int smb_set_primary_group(const char *unix_group, const char* unix_user)
int smb_add_user_group(const char *unix_group, const char *unix_user)
{
- pstring add_script;
- int ret;
+ char *add_script = NULL;
+ int ret = -1;
/* defer to scripts */
-
+
if ( *lp_addusertogroup_script() ) {
- pstrcpy(add_script, lp_addusertogroup_script());
- pstring_sub(add_script, "%g", unix_group);
- pstring_sub(add_script, "%u", unix_user);
+ TALLOC_CTX *ctx = talloc_tos();
+
+ add_script = talloc_strdup(ctx,
+ lp_addusertogroup_script());
+ if (!add_script) {
+ return -1;
+ }
+ add_script = talloc_string_sub(ctx,
+ add_script, "%g", unix_group);
+ if (!add_script) {
+ return -1;
+ }
+ add_script = talloc_string_sub(ctx,
+ add_script, "%u", unix_user);
+ if (!add_script) {
+ return -1;
+ }
ret = smbrun(add_script,NULL);
DEBUG(ret ? 0 : 3,("smb_add_user_group: Running the command `%s' gave %d\n",add_script,ret));
if (ret == 0) {
@@ -287,7 +334,7 @@ int smb_add_user_group(const char *unix_group, const char *unix_user)
}
return ret;
}
-
+
return -1;
}
@@ -297,15 +344,29 @@ int smb_add_user_group(const char *unix_group, const char *unix_user)
int smb_delete_user_group(const char *unix_group, const char *unix_user)
{
- pstring del_script;
- int ret;
+ char *del_script = NULL;
+ int ret = -1;
/* defer to scripts */
-
+
if ( *lp_deluserfromgroup_script() ) {
- pstrcpy(del_script, lp_deluserfromgroup_script());
- pstring_sub(del_script, "%g", unix_group);
- pstring_sub(del_script, "%u", unix_user);
+ TALLOC_CTX *ctx = talloc_tos();
+
+ del_script = talloc_strdup(ctx,
+ lp_deluserfromgroup_script());
+ if (!del_script) {
+ return -1;
+ }
+ del_script = talloc_string_sub(ctx,
+ del_script, "%g", unix_group);
+ if (!del_script) {
+ return -1;
+ }
+ del_script = talloc_string_sub(ctx,
+ del_script, "%u", unix_user);
+ if (!del_script) {
+ return -1;
+ }
ret = smbrun(del_script,NULL);
DEBUG(ret ? 0 : 3,("smb_delete_user_group: Running the command `%s' gave %d\n",del_script,ret));
if (ret == 0) {
@@ -313,7 +374,7 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user)
}
return ret;
}
-
+
return -1;
}
diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c
index be1f1593fb..ab7ac0b913 100644
--- a/source3/groupdb/mapping_ldb.c
+++ b/source3/groupdb/mapping_ldb.c
@@ -618,8 +618,6 @@ static bool mapping_upgrade(const char *tdb_path)
{
static TDB_CONTEXT *tdb;
int ret, status=0;
- pstring old_path;
- pstring new_path;
tdb = tdb_open_log(tdb_path, 0, TDB_DEFAULT, O_RDWR, 0600);
if (tdb == NULL) goto failed;
@@ -637,12 +635,17 @@ static bool mapping_upgrade(const char *tdb_path)
tdb = NULL;
}
- pstrcpy(old_path, tdb_path);
- pstrcpy(new_path, state_path("group_mapping.tdb.upgraded"));
+ {
+ const char *old_path = tdb_path;
+ char *new_path = state_path("group_mapping.tdb.upgraded");
- if (rename(old_path, new_path) != 0) {
- DEBUG(0,("Failed to rename old group mapping database\n"));
- goto failed;
+ if (!new_path) {
+ goto failed;
+ }
+ if (rename(old_path, new_path) != 0) {
+ DEBUG(0,("Failed to rename old group mapping database\n"));
+ goto failed;
+ }
}
return True;
diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c
index f0f875d082..539b02e54b 100644
--- a/source3/groupdb/mapping_tdb.c
+++ b/source3/groupdb/mapping_tdb.c
@@ -91,25 +91,38 @@ static bool init_group_mapping(void)
static bool add_mapping_entry(GROUP_MAP *map, int flag)
{
TDB_DATA dbuf;
- pstring key, buf;
+ char *key = NULL;
+ char *buf = NULL;
fstring string_sid="";
int len;
+ bool ret;
sid_to_string(string_sid, &map->sid);
- len = tdb_pack((uint8 *)buf, sizeof(buf), "ddff",
- map->gid, map->sid_name_use, map->nt_name, map->comment);
-
- if (len > sizeof(buf))
- return False;
+ len = tdb_pack(NULL, sizeof(buf), "ddff",
+ map->gid, map->sid_name_use, map->nt_name, map->comment);
+ if (len) {
+ buf = SMB_MALLOC_ARRAY(char, len);
+ if (!buf) {
+ return false;
+ }
+ len = tdb_pack((uint8 *)buf, sizeof(buf), "ddff", map->gid,
+ map->sid_name_use, map->nt_name, map->comment);
+ }
- slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", GROUP_PREFIX, string_sid) < 0) {
+ SAFE_FREE(buf);
+ return false;
+ }
dbuf.dsize = len;
dbuf.dptr = (uint8 *)buf;
- if (tdb_store_bystring(tdb, key, dbuf, flag) != 0) return False;
- return True;
+ ret = (tdb_store_bystring(tdb, key, dbuf, flag) == 0);
+
+ SAFE_FREE(key);
+ SAFE_FREE(buf);
+ return ret;
}
@@ -120,31 +133,38 @@ static bool add_mapping_entry(GROUP_MAP *map, int flag)
static bool get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
{
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring string_sid;
int ret = 0;
-
+
/* the key is the SID, retrieving is direct */
sid_to_string(string_sid, &sid);
- slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", GROUP_PREFIX, string_sid) < 0) {
+ return false;
+ }
dbuf = tdb_fetch_bystring(tdb, key);
- if (!dbuf.dptr)
- return False;
+ if (!dbuf.dptr) {
+ SAFE_FREE(key);
+ return false;
+ }
+
+ SAFE_FREE(key);
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
- &map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
+ &map->gid, &map->sid_name_use,
+ &map->nt_name, &map->comment);
SAFE_FREE(dbuf.dptr);
-
+
if ( ret == -1 ) {
DEBUG(3,("get_group_map_from_sid: tdb_unpack failure\n"));
return False;
}
sid_copy(&map->sid, &sid);
-
+
return True;
}
@@ -160,12 +180,12 @@ static bool get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
/* we need to enumerate the TDB to find the GID */
- for (kbuf = tdb_firstkey(tdb);
- kbuf.dptr;
+ for (kbuf = tdb_firstkey(tdb);
+ kbuf.dptr;
newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
if (strncmp((const char *)kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue;
-
+
dbuf = tdb_fetch(tdb, kbuf);
if (!dbuf.dptr)
continue;
@@ -173,7 +193,7 @@ static bool get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
fstrcpy(string_sid, (const char *)kbuf.dptr+strlen(GROUP_PREFIX));
string_to_sid(&map->sid, string_sid);
-
+
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
&map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
@@ -183,7 +203,7 @@ static bool get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
DEBUG(3,("get_group_map_from_gid: tdb_unpack failure\n"));
return False;
}
-
+
if (gid==map->gid) {
SAFE_FREE(kbuf.dptr);
return True;
@@ -205,12 +225,12 @@ static bool get_group_map_from_ntname(const char *name, GROUP_MAP *map)
/* we need to enumerate the TDB to find the name */
- for (kbuf = tdb_firstkey(tdb);
- kbuf.dptr;
+ for (kbuf = tdb_firstkey(tdb);
+ kbuf.dptr;
newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
if (strncmp((const char *)kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue;
-
+
dbuf = tdb_fetch(tdb, kbuf);
if (!dbuf.dptr)
continue;
@@ -218,12 +238,12 @@ static bool get_group_map_from_ntname(const char *name, GROUP_MAP *map)
fstrcpy(string_sid, (const char *)kbuf.dptr+strlen(GROUP_PREFIX));
string_to_sid(&map->sid, string_sid);
-
+
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
&map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
SAFE_FREE(dbuf.dptr);
-
+
if ( ret == -1 ) {
DEBUG(3,("get_group_map_from_ntname: tdb_unpack failure\n"));
return False;
@@ -245,24 +265,28 @@ static bool get_group_map_from_ntname(const char *name, GROUP_MAP *map)
static bool group_map_remove(const DOM_SID *sid)
{
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring string_sid;
-
+ bool ret;
+
/* the key is the SID, retrieving is direct */
sid_to_string(string_sid, sid);
- slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", GROUP_PREFIX, string_sid) < 0) {
+ return false;
+ }
dbuf = tdb_fetch_bystring(tdb, key);
- if (!dbuf.dptr)
- return False;
-
- SAFE_FREE(dbuf.dptr);
+ if (!dbuf.dptr) {
+ SAFE_FREE(key);
+ return false;
+ }
- if(tdb_delete_bystring(tdb, key) != TDB_SUCCESS)
- return False;
+ SAFE_FREE(dbuf.dptr);
- return True;
+ ret = (tdb_delete_bystring(tdb, key) == TDB_SUCCESS);
+ SAFE_FREE(key);
+ return ret;
}
/****************************************************************************
@@ -436,7 +460,7 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
GROUP_MAP map;
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring string_sid;
char *new_memberstring;
int result;
@@ -452,7 +476,9 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
return NT_STATUS_MEMBER_IN_ALIAS;
sid_to_string(string_sid, member);
- slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", MEMBEROF_PREFIX, string_sid) < 0) {
+ return NT_STATUS_NO_MEMORY;
+ }
dbuf = tdb_fetch_bystring(tdb, key);
@@ -465,8 +491,10 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
new_memberstring = SMB_STRDUP(string_sid);
}
- if (new_memberstring == NULL)
+ if (new_memberstring == NULL) {
+ SAFE_FREE(key);
return NT_STATUS_NO_MEMORY;
+ }
SAFE_FREE(dbuf.dptr);
dbuf = string_term_tdb_data(new_memberstring);
@@ -474,6 +502,7 @@ static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
result = tdb_store_bystring(tdb, key, dbuf, 0);
SAFE_FREE(new_memberstring);
+ SAFE_FREE(key);
return (result == 0 ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED);
}
@@ -564,7 +593,7 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
bool found = False;
char *member_string;
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring sid_string;
result = alias_memberships(member, 1, &sids, &num);
@@ -590,16 +619,24 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
num -= 1;
sid_to_string(sid_string, member);
- slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, sid_string);
+ if (asprintf(&key, "%s%s", MEMBEROF_PREFIX, sid_string) < 0) {
+ TALLOC_FREE(sids);
+ return NT_STATUS_NO_MEMORY;
+ }
- if (num == 0)
- return tdb_delete_bystring(tdb, key) == 0 ?
- NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+ if (num == 0) {
+ NTSTATUS ret = (tdb_delete_bystring(tdb, key) == 0 ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL);
+ TALLOC_FREE(sids);
+ SAFE_FREE(key);
+ return ret;
+ }
member_string = SMB_STRDUP("");
if (member_string == NULL) {
TALLOC_FREE(sids);
+ SAFE_FREE(key);
return NT_STATUS_NO_MEMORY;
}
@@ -612,6 +649,7 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
SAFE_FREE(s);
if (member_string == NULL) {
TALLOC_FREE(sids);
+ SAFE_FREE(key);
return NT_STATUS_NO_MEMORY;
}
}
@@ -623,6 +661,7 @@ static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
TALLOC_FREE(sids);
SAFE_FREE(member_string);
+ SAFE_FREE(key);
return result;
}