summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_ntlmssp.c1
-rw-r--r--source3/auth/auth_util.c26
-rw-r--r--source3/auth/proto.h1
-rw-r--r--source3/auth/user_krb5.c2
4 files changed, 15 insertions, 15 deletions
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index f7d3619d3b..0d25ecdf68 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -44,6 +44,7 @@ NTSTATUS auth_ntlmssp_steal_session_info(TALLOC_CTX *mem_ctx,
nt_status = create_local_token(mem_ctx,
auth_ntlmssp_state->server_info,
&auth_ntlmssp_state->ntlmssp_state->session_key,
+ auth_ntlmssp_state->ntlmssp_state->user,
session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 530b8da096..e6d8e16b8e 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -457,6 +457,7 @@ static NTSTATUS log_nt_token(struct security_token *token)
NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
const struct auth_serversupplied_info *server_info,
DATA_BLOB *session_key,
+ const char *smb_username, /* for ->sanitized_username, for %U subs */
struct auth_session_info **session_info_out)
{
struct security_token *t;
@@ -465,6 +466,7 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
struct dom_sid tmp_sid;
struct auth_session_info *session_info;
struct wbcUnixId *ids;
+ fstring tmp;
/* Ensure we can't possible take a code path leading to a
* null defref. */
@@ -498,11 +500,10 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- session_info->unix_info->sanitized_username = talloc_strdup(session_info, server_info->sanitized_username);
- if (!session_info->unix_info->sanitized_username) {
- TALLOC_FREE(session_info);
- return NT_STATUS_NO_MEMORY;
- }
+ /* This is a potentially untrusted username for use in %U */
+ alpha_strcpy(tmp, smb_username, ". _-$", sizeof(tmp));
+ session_info->unix_info->sanitized_username =
+ talloc_strdup(session_info->unix_info, tmp);
session_info->unix_info->system = server_info->system;
@@ -837,7 +838,6 @@ static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_i
struct netr_SamInfo3 info3;
TALLOC_CTX *tmp_ctx;
NTSTATUS status;
- fstring tmp;
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
@@ -869,7 +869,9 @@ static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_i
/* This should not be done here (we should produce a server
* info, and later construct a session info from it), but for
* now this does not change the previous behavior */
- status = create_local_token(tmp_ctx, *server_info, NULL, session_info);
+ status = create_local_token(tmp_ctx, *server_info, NULL,
+ (*server_info)->info3->base.account_name.string,
+ session_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("create_local_token failed: %s\n",
nt_errstr(status)));
@@ -882,10 +884,6 @@ static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_i
all zeros! */
(*session_info)->session_key = data_blob(zeros, sizeof(zeros));
- alpha_strcpy(tmp, (*server_info)->info3->base.account_name.string,
- ". _-$", sizeof(tmp));
- (*session_info)->unix_info->sanitized_username = talloc_strdup(*session_info, tmp);
-
status = NT_STATUS_OK;
done:
TALLOC_FREE(tmp_ctx);
@@ -953,9 +951,8 @@ NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx,
status = make_server_info_pw(&result, pwd->pw_name, pwd);
- TALLOC_FREE(pwd);
-
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(pwd);
return status;
}
@@ -963,7 +960,8 @@ NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx,
result->guest = is_guest;
/* Now turn the server_info into a session_info with the full token etc */
- status = create_local_token(mem_ctx, result, NULL, session_info);
+ status = create_local_token(mem_ctx, result, NULL, pwd->pw_name, session_info);
+ TALLOC_FREE(pwd);
talloc_free(result);
return status;
}
diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index bce27c86c3..b9bc748b95 100644
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -151,6 +151,7 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
const struct auth_serversupplied_info *server_info,
DATA_BLOB *session_key,
+ const char *smb_name,
struct auth_session_info **session_info_out);
NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
bool is_guest,
diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
index 923c500110..0cb80c8cfa 100644
--- a/source3/auth/user_krb5.c
+++ b/source3/auth/user_krb5.c
@@ -262,7 +262,7 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
server_info->nss_token |= username_was_mapped;
- status = create_local_token(mem_ctx, server_info, session_key, session_info);
+ status = create_local_token(mem_ctx, server_info, session_key, ntuser, session_info);
talloc_free(server_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("failed to create local token: %s\n",