summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/asn1.c29
-rw-r--r--source3/libsmb/clifile.c6
-rw-r--r--source3/libsmb/domain_client_validate.c50
-rw-r--r--source3/libsmb/pwd_cache.c16
4 files changed, 58 insertions, 43 deletions
diff --git a/source3/libsmb/asn1.c b/source3/libsmb/asn1.c
index a8c0eebb94..50cf6a7142 100644
--- a/source3/libsmb/asn1.c
+++ b/source3/libsmb/asn1.c
@@ -32,14 +32,14 @@ BOOL asn1_write(ASN1_DATA *data, const void *p, int len)
{
if (data->has_error) return False;
if (data->length < data->ofs+len) {
- uint8 *p;
- p = Realloc(data->data, data->ofs+len);
- if (!p) {
+ uint8 *newp;
+ newp = Realloc(data->data, data->ofs+len);
+ if (!newp) {
SAFE_FREE(data->data);
data->has_error = True;
return False;
}
- data->data = p;
+ data->data = newp;
data->length = data->ofs+len;
}
memcpy(data->data + data->ofs, p, len);
@@ -112,20 +112,27 @@ BOOL asn1_pop_tag(ASN1_DATA *data)
BOOL asn1_write_OID(ASN1_DATA *data, const char *OID)
{
unsigned v, v2;
- char *p = (char *)OID;
+ const char *p = (const char *)OID;
+ char *newp;
- if (!asn1_push_tag(data, ASN1_OID)) return False;
- v = strtol(p, &p, 10);
- v2 = strtol(p, &p, 10);
- if (!asn1_write_uint8(data, 40*v + v2)) return False;
+ if (!asn1_push_tag(data, ASN1_OID))
+ return False;
+ v = strtol(p, &newp, 10);
+ p = newp;
+ v2 = strtol(p, &newp, 10);
+ p = newp;
+ if (!asn1_write_uint8(data, 40*v + v2))
+ return False;
while (*p) {
- v = strtol(p, &p, 10);
+ v = strtol(p, &newp, 10);
+ p = newp;
if (v >= (1<<28)) asn1_write_uint8(data, 0x80 | ((v>>28)&0xff));
if (v >= (1<<21)) asn1_write_uint8(data, 0x80 | ((v>>21)&0xff));
if (v >= (1<<14)) asn1_write_uint8(data, 0x80 | ((v>>14)&0xff));
if (v >= (1<<7)) asn1_write_uint8(data, 0x80 | ((v>>7)&0xff));
- if (!asn1_write_uint8(data, v&0x7f)) return False;
+ if (!asn1_write_uint8(data, v&0x7f))
+ return False;
}
return asn1_pop_tag(data);
}
diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c
index e9981d7205..d9f8e19910 100644
--- a/source3/libsmb/clifile.c
+++ b/source3/libsmb/clifile.c
@@ -212,7 +212,7 @@ int cli_nt_delete_on_close(struct cli_state *cli, int fnum, BOOL flag)
Used in smbtorture.
****************************************************************************/
-int cli_nt_create_full(struct cli_state *cli, char *fname, uint32 DesiredAccess,
+int cli_nt_create_full(struct cli_state *cli, const char *fname, uint32 DesiredAccess,
uint32 FileAttributes, uint32 ShareAccess,
uint32 CreateDisposition, uint32 CreateOptions)
{
@@ -268,7 +268,7 @@ int cli_nt_create_full(struct cli_state *cli, char *fname, uint32 DesiredAccess,
open a file
****************************************************************************/
-int cli_nt_create(struct cli_state *cli, char *fname, uint32 DesiredAccess)
+int cli_nt_create(struct cli_state *cli, const char *fname, uint32 DesiredAccess)
{
return cli_nt_create_full(cli, fname, DesiredAccess, 0,
FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_EXISTS_OPEN, 0x0);
@@ -278,7 +278,7 @@ int cli_nt_create(struct cli_state *cli, char *fname, uint32 DesiredAccess)
open a file
WARNING: if you open with O_WRONLY then getattrE won't work!
****************************************************************************/
-int cli_open(struct cli_state *cli, char *fname, int flags, int share_mode)
+int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode)
{
char *p;
unsigned openfn=0;
diff --git a/source3/libsmb/domain_client_validate.c b/source3/libsmb/domain_client_validate.c
index 20db1ee4d6..7a8fa66841 100644
--- a/source3/libsmb/domain_client_validate.c
+++ b/source3/libsmb/domain_client_validate.c
@@ -352,25 +352,41 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info,
}
}
- /* Store the user group information in the server_info returned to
- the caller. */
+ /* Store the user group information in the server_info returned to the caller. */
- if (NT_STATUS_IS_OK(status)) {
- if (((*server_info)->group_rids = malloc(info3.num_groups2 *
- sizeof(uint32))) == NULL) {
- DEBUG(1, ("out of memory allocating rid group membership\n"));
+ if (NT_STATUS_IS_OK(status) && (info3.num_groups2 != 0)) {
+ DOM_SID domain_sid;
+ int i;
+ NT_USER_TOKEN *ptok;
+ auth_serversupplied_info *pserver_info = *server_info;
+
+ if ((pserver_info->ptok = malloc( sizeof(NT_USER_TOKEN) ) ) == NULL) {
+ DEBUG(0, ("domain_client_validate: out of memory allocating rid group membership\n"));
status = NT_STATUS_NO_MEMORY;
free_server_info(server_info);
- } else {
- int i;
-
- (*server_info)->n_rids = info3.num_groups2;
-
- for (i = 0; i < (*server_info)->n_rids; i++) {
- (*server_info)->group_rids[i] = info3.gids[i].g_rid;
- DEBUG(5, ("** adding group rid 0x%x\n",
- info3.gids[i].g_rid));
- }
+ goto done;
+ }
+
+ ptok = pserver_info->ptok;
+ ptok->num_sids = (size_t)info3.num_groups2;
+
+ if ((ptok->user_sids = (DOM_SID *)malloc( sizeof(DOM_SID) * ptok->num_sids )) == NULL) {
+ DEBUG(0, ("domain_client_validate: Out of memory allocating group SIDS\n"));
+ status = NT_STATUS_NO_MEMORY;
+ free_server_info(server_info);
+ goto done;
+ }
+
+ if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
+ DEBUG(0, ("domain_client_validate: unable to fetch domain sid.\n"));
+ status = NT_STATUS_NO_MEMORY;
+ free_server_info(server_info);
+ goto done;
+ }
+
+ for (i = 0; i < ptok->num_sids; i++) {
+ sid_copy(&ptok->user_sids[i], &domain_sid);
+ sid_append_rid(&ptok->user_sids[i], info3.gids[i].g_rid);
}
}
@@ -390,6 +406,8 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info,
}
#endif /* 0 */
+ done:
+
/* Note - once the cli stream is shutdown the mem_ctx used
to allocate the other_sids and gids structures has been deleted - so
these pointers are no longer valid..... */
diff --git a/source3/libsmb/pwd_cache.c b/source3/libsmb/pwd_cache.c
index 64e23e0feb..4a2c5f1604 100644
--- a/source3/libsmb/pwd_cache.c
+++ b/source3/libsmb/pwd_cache.c
@@ -49,41 +49,31 @@ BOOL pwd_is_nullpwd(const struct pwd_info *pwd)
/****************************************************************************
compares two passwords. hmm, not as trivial as expected. hmm.
****************************************************************************/
-BOOL pwd_compare(struct pwd_info *pwd1, struct pwd_info *pwd2)
+BOOL pwd_compare(const struct pwd_info *pwd1, const struct pwd_info *pwd2)
{
- if (pwd1->cleartext && pwd2->cleartext)
- {
+ if (pwd1->cleartext && pwd2->cleartext) {
if (strequal(pwd1->password, pwd2->password))
- {
return True;
- }
}
if (pwd1->null_pwd && pwd2->null_pwd)
- {
return True;
- }
if (!pwd1->null_pwd && !pwd2->null_pwd &&
- !pwd1->cleartext && !pwd2->cleartext)
- {
+ !pwd1->cleartext && !pwd2->cleartext) {
#ifdef DEBUG_PASSWORD
DEBUG(100,("pwd compare: nt#\n"));
dump_data(100, pwd1->smb_nt_pwd, 16);
dump_data(100, pwd2->smb_nt_pwd, 16);
#endif
if (memcmp(pwd1->smb_nt_pwd, pwd2->smb_nt_pwd, 16) == 0)
- {
return True;
- }
#ifdef DEBUG_PASSWORD
DEBUG(100,("pwd compare: lm#\n"));
dump_data(100, pwd1->smb_lm_pwd, 16);
dump_data(100, pwd2->smb_lm_pwd, 16);
#endif
if (memcmp(pwd1->smb_lm_pwd, pwd2->smb_lm_pwd, 16) == 0)
- {
return True;
- }
}
return False;
}