summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/password.c6
-rw-r--r--source3/smbd/service.c19
-rw-r--r--source3/smbd/sesssetup.c9
-rw-r--r--source3/smbd/share_access.c2
4 files changed, 25 insertions, 11 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index cbe4d62595..9be2b3b746 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -435,7 +435,7 @@ static bool user_ok(const char *user, int snum)
* around to pass to str_list_sub_basic() */
if ( invalid && str_list_sub_basic(invalid, "", "") ) {
- ret = !user_in_list(user,
+ ret = !user_in_list(talloc_tos(), user,
(const char **)invalid);
}
}
@@ -452,7 +452,7 @@ static bool user_ok(const char *user, int snum)
* around to pass to str_list_sub_basic() */
if ( valid && str_list_sub_basic(valid, "", "") ) {
- ret = user_in_list(user,
+ ret = user_in_list(talloc_tos(), user,
(const char **)valid);
}
}
@@ -465,7 +465,7 @@ static bool user_ok(const char *user, int snum)
if (user_list &&
str_list_substitute(user_list, "%S",
lp_servicename(snum))) {
- ret = user_in_list(user,
+ ret = user_in_list(talloc_tos(), user,
(const char **)user_list);
}
TALLOC_FREE(user_list);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index ab68cb783e..efe68d7c3f 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -318,13 +318,20 @@ int find_service(fstring service)
char *phome_dir = get_user_home_dir(talloc_tos(), service);
if(!phome_dir) {
+ char *service_out = NULL;
/*
* Try mapping the servicename, it may
* be a Windows to unix mapped user name.
*/
- if(map_username(service))
+ if(map_username(talloc_tos(), service, &service_out)) {
+ if (service_out == NULL) {
+ /* Out of memory. */
+ return -1;
+ }
+ fstrcpy(service, service_out);
phome_dir = get_user_home_dir(
talloc_tos(), service);
+ }
}
DEBUG(3,("checking for home directory %s gave %s\n",service,
@@ -1153,12 +1160,12 @@ connection_struct *make_connection(struct smbd_server_connection *sconn,
/* Security = share. Try with
* current_user_info.smb_name as the username. */
if (*current_user_info.smb_name) {
- fstring unix_username;
- fstrcpy(unix_username,
- current_user_info.smb_name);
- map_username(unix_username);
+ char *unix_username = NULL;
+ (void)map_username(talloc_tos(),
+ current_user_info.smb_name,
+ &unix_username);
snum = find_service(unix_username);
- }
+ }
if (snum != -1) {
DEBUG(5, ("making a connection to 'homes' "
"service %s based on "
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index f9e49461cc..12d046038c 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -1546,13 +1546,20 @@ void reply_sesssetup_and_X(struct smb_request *req)
reload_services(sconn->msg_ctx, sconn->sock, True);
if (lp_security() == SEC_SHARE) {
+ char *sub_user_mapped = NULL;
/* In share level we should ignore any passwords */
data_blob_free(&lm_resp);
data_blob_free(&nt_resp);
data_blob_clear_free(&plaintext_password);
- map_username(sub_user);
+ (void)map_username(talloc_tos(), sub_user, &sub_user_mapped);
+ if (!sub_user_mapped) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ END_PROFILE(SMBsesssetupX);
+ return;
+ }
+ fstrcpy(sub_user, sub_user_mapped);
add_session_user(sconn, sub_user);
add_session_workgroup(sconn, domain);
/* Then force it to null for the benfit of the code below */
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index 387d988a4d..d00616b24e 100644
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -131,7 +131,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx,
}
if (*prefix == '&') {
if (username) {
- if (user_in_netgroup(username, name)) {
+ if (user_in_netgroup(mem_ctx, username, name)) {
return True;
}
}