summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_netlog_nt.c32
-rw-r--r--source3/rpc_server/srv_pipe.c6
-rw-r--r--source3/rpc_server/srv_samr_nt.c127
-rw-r--r--source3/rpc_server/srv_util.c8
4 files changed, 100 insertions, 73 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index bf615682d3..fffa5b1ba1 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -203,19 +203,19 @@ static BOOL get_md4pw(char *md4pw, char *mach_acct)
if (ret==False) {
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
if (!(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) && ((pass=pdb_get_nt_passwd(sampass)) != NULL)) {
memcpy(md4pw, pass, 16);
dump_data(5, md4pw, 16);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -410,7 +410,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
/* Ensure the account exists and is a machine account. */
if (ret==False || !(pdb_get_acct_ctrl(sampass) & ACB_WSTRUST)) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -422,9 +422,21 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
cred_hash3( pwd, q_u->pwd, p->dc.sess_key, 0);
/* lies! nt and lm passwords are _not_ the same: don't care */
- pdb_set_lanman_passwd (sampass, pwd);
- pdb_set_nt_passwd (sampass, pwd);
- pdb_set_acct_ctrl (sampass, ACB_WSTRUST);
+ if (!pdb_set_lanman_passwd (sampass, pwd)) {
+ pdb_free_sam(&sampass);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!pdb_set_nt_passwd (sampass, pwd)) {
+ pdb_free_sam(&sampass);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!pdb_set_acct_ctrl (sampass, ACB_WSTRUST)) {
+ pdb_free_sam(&sampass);
+ /* Not quite sure what this one qualifies as, but this will do */
+ return NT_STATUS_NO_MEMORY;
+ }
become_root();
ret = pdb_update_sam_account (sampass,False);
@@ -436,7 +448,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
/* set up the LSA Server Password Set response */
init_net_r_srv_pwset(r_u, &srv_cred, status);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return r_u->status;
}
@@ -679,7 +691,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
unbecome_root();
if (ret == False) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -736,6 +748,6 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
&global_sam_sid, /* DOM_SID *dom_sid */
NULL); /* char *other_sids */
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return status;
}
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index b3f590a177..00acb93cf3 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -385,7 +385,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
if(!pdb_getsampwnam(sampass, pipe_user_name)) {
DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in smb passwd database.\n",
pipe_user_name));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
unbecome_root();
return False;
}
@@ -394,7 +394,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
if(!pdb_get_nt_passwd(sampass)) {
DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -463,7 +463,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
p->ntlmssp_auth_validated = True;
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index f7e6317edf..9748d0e950 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -103,7 +103,7 @@ static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
if (!pdb_setsampwent(False)) {
DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return NT_STATUS_ACCESS_DENIED;
}
@@ -151,7 +151,7 @@ static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
}
pdb_endsampwent();
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
if (not_finished)
return STATUS_MORE_ENTRIES;
@@ -231,7 +231,7 @@ static NTSTATUS jf_get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
*total_entries = *num_entries;
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
if (not_finished)
return STATUS_MORE_ENTRIES;
@@ -1508,12 +1508,12 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN
/* check that the RID exists in our domain. */
if (ret == False) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
samr_clear_sam_passwd(sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid))
@@ -1559,7 +1559,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
if (ret==False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return False;
}
@@ -1569,7 +1569,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
init_sam_user_info10(id10, pdb_get_acct_ctrl(smbpass) );
samr_clear_sam_passwd(smbpass);
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return True;
}
@@ -1600,21 +1600,21 @@ static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, uint3
if (ret == False) {
DEBUG(4, ("User 0x%x not found\n", user_rid));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
}
DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return NT_STATUS_ACCOUNT_DISABLED;
}
ZERO_STRUCTP(id12);
init_sam_user_info12(id12, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return NT_STATUS_OK;
}
@@ -1641,7 +1641,7 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, uint32 user_rid)
if (ret == False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -1652,7 +1652,7 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, uint32 user_rid)
ZERO_STRUCTP(id20);
init_sam_user_info20A(id20, sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
@@ -1679,7 +1679,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
if (ret == False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
@@ -1690,7 +1690,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
ZERO_STRUCTP(id21);
init_sam_user_info21A(id21, sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
@@ -1946,7 +1946,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
unbecome_root();
if (ret == True) {
/* this account exists: say so */
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_USER_EXISTS;
}
@@ -1982,7 +1982,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
pstrcpy(add_script, lp_adduser_script());
} else {
DEBUG(0, ("_api_samr_create_user: mismatch between trust flags and $ termination\n"));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -1997,7 +1997,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
if (!local_password_change(account, local_flags, NULL, err_str,
sizeof(err_str), msg_str, sizeof(msg_str))) {
DEBUG(0, ("%s\n", err_str));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
@@ -2006,25 +2006,25 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
unbecome_root();
if (ret == False) {
/* account doesn't exist: say so */
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_INVALID_HANDLE;
}
/* append the user's RID to it */
if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_NO_SUCH_USER;
}
/* associate the user's SID with the new handle. */
if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_NO_MEMORY;
}
@@ -2033,14 +2033,14 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
/* get a (unique) handle. open a policy on it. */
if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
r_u->user_rid=sam_pass->user_rid;
r_u->unknown_0 = 0x000703ff;
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_OK;
}
@@ -2236,24 +2236,27 @@ static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid)
ret = pdb_getsampwrid(pwd, rid);
if(ret==False) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
if (id10 == NULL) {
DEBUG(5, ("set_user_info_10: NULL id10\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_acct_ctrl(pwd, id10->acb_info);
+ if (!pdb_set_acct_ctrl(pwd, id10->acb_info)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
@@ -2269,25 +2272,31 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
pdb_init_sam(&pwd);
if(!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
if (id12 == NULL) {
DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_lanman_passwd (pwd, id12->lm_pwd);
- pdb_set_nt_passwd (pwd, id12->nt_pwd);
+ if (!pdb_set_lanman_passwd (pwd, id12->lm_pwd)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
+ if (!pdb_set_nt_passwd (pwd, id12->nt_pwd)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
@@ -2309,8 +2318,8 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
pdb_init_sam(&new_pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
@@ -2327,13 +2336,13 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
/* write the change out */
if(!pdb_update_sam_account(new_pwd, True)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return True;
}
@@ -2359,24 +2368,27 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
pdb_init_sam(&new_pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
acct_ctrl = pdb_get_acct_ctrl(pwd);
copy_sam_passwd(new_pwd, pwd);
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
copy_id23_to_sam_passwd(new_pwd, id23);
if (!decode_pw_buffer((char*)id23->pass, plaintext_buf, 256, &len)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_set_plaintext_passwd (new_pwd, plaintext_buf);
+ if (!pdb_set_plaintext_passwd (new_pwd, plaintext_buf)) {
+ pdb_free_sam(&new_pwd);
+ return False;
+ }
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
@@ -2387,7 +2399,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
/* update the UNIX password */
if (lp_unix_password_sync() )
if(!chgpasswd(pdb_get_username(new_pwd), "", plaintext_buf, True)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
}
@@ -2395,11 +2407,11 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
ZERO_STRUCT(plaintext_buf);
if(!pdb_update_sam_account(new_pwd, True)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return True;
}
@@ -2418,7 +2430,7 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
pdb_init_sam(&pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
@@ -2427,11 +2439,14 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
ZERO_STRUCT(plaintext_buf);
if (!decode_pw_buffer(pass, plaintext_buf, 256, &len)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_plaintext_passwd (pwd, plaintext_buf);
+ if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
@@ -2442,7 +2457,7 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
/* update the UNIX password */
if (lp_unix_password_sync())
if(!chgpasswd(pdb_get_username(pwd), "", plaintext_buf, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
}
@@ -2453,11 +2468,11 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
/* update the SAMBA password */
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
@@ -2516,14 +2531,14 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
unbecome_root();
if(ret == False) {
DEBUG(0,("_samr_set_userinfo: Unable to get smbpasswd entry for uid %u\n", (unsigned int)user.uid ));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
memset(sess_key, '\0', 16);
mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16);
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
/* ok! user info levels (lots: see MSDEV help), off we go... */
switch (switch_value) {
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 5393523a78..dc66887ee9 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -274,12 +274,12 @@ NTSTATUS local_lookup_user_name(uint32 rid, char *user_name, uint32 *type)
if (ret == True) {
fstrcpy(user_name, pdb_get_username(sampwd) );
DEBUG(5,(" = %s\n", user_name));
- pdb_free_sam(sampwd);
+ pdb_free_sam(&sampwd);
return NT_STATUS_OK;
}
DEBUG(5,(" none mapped\n"));
- pdb_free_sam(sampwd);
+ pdb_free_sam(&sampwd);
return NT_STATUS_NONE_MAPPED;
}
@@ -340,10 +340,10 @@ NTSTATUS local_lookup_user_rid(char *user_name, uint32 *rid)
if (ret == True) {
(*rid) = pdb_get_user_rid(sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_OK;
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NONE_MAPPED;
}
generated by cgit (git 2.34.1) at 2025-03-05 04:57:09 +0000