diff options
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/password.c | 6 | ||||
-rw-r--r-- | source3/smbd/service.c | 19 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 9 | ||||
-rw-r--r-- | source3/smbd/share_access.c | 2 |
4 files changed, 25 insertions, 11 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c index cbe4d62595..9be2b3b746 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -435,7 +435,7 @@ static bool user_ok(const char *user, int snum) * around to pass to str_list_sub_basic() */ if ( invalid && str_list_sub_basic(invalid, "", "") ) { - ret = !user_in_list(user, + ret = !user_in_list(talloc_tos(), user, (const char **)invalid); } } @@ -452,7 +452,7 @@ static bool user_ok(const char *user, int snum) * around to pass to str_list_sub_basic() */ if ( valid && str_list_sub_basic(valid, "", "") ) { - ret = user_in_list(user, + ret = user_in_list(talloc_tos(), user, (const char **)valid); } } @@ -465,7 +465,7 @@ static bool user_ok(const char *user, int snum) if (user_list && str_list_substitute(user_list, "%S", lp_servicename(snum))) { - ret = user_in_list(user, + ret = user_in_list(talloc_tos(), user, (const char **)user_list); } TALLOC_FREE(user_list); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index ab68cb783e..efe68d7c3f 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -318,13 +318,20 @@ int find_service(fstring service) char *phome_dir = get_user_home_dir(talloc_tos(), service); if(!phome_dir) { + char *service_out = NULL; /* * Try mapping the servicename, it may * be a Windows to unix mapped user name. */ - if(map_username(service)) + if(map_username(talloc_tos(), service, &service_out)) { + if (service_out == NULL) { + /* Out of memory. */ + return -1; + } + fstrcpy(service, service_out); phome_dir = get_user_home_dir( talloc_tos(), service); + } } DEBUG(3,("checking for home directory %s gave %s\n",service, @@ -1153,12 +1160,12 @@ connection_struct *make_connection(struct smbd_server_connection *sconn, /* Security = share. Try with * current_user_info.smb_name as the username. */ if (*current_user_info.smb_name) { - fstring unix_username; - fstrcpy(unix_username, - current_user_info.smb_name); - map_username(unix_username); + char *unix_username = NULL; + (void)map_username(talloc_tos(), + current_user_info.smb_name, + &unix_username); snum = find_service(unix_username); - } + } if (snum != -1) { DEBUG(5, ("making a connection to 'homes' " "service %s based on " diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index f9e49461cc..12d046038c 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -1546,13 +1546,20 @@ void reply_sesssetup_and_X(struct smb_request *req) reload_services(sconn->msg_ctx, sconn->sock, True); if (lp_security() == SEC_SHARE) { + char *sub_user_mapped = NULL; /* In share level we should ignore any passwords */ data_blob_free(&lm_resp); data_blob_free(&nt_resp); data_blob_clear_free(&plaintext_password); - map_username(sub_user); + (void)map_username(talloc_tos(), sub_user, &sub_user_mapped); + if (!sub_user_mapped) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsesssetupX); + return; + } + fstrcpy(sub_user, sub_user_mapped); add_session_user(sconn, sub_user); add_session_workgroup(sconn, domain); /* Then force it to null for the benfit of the code below */ diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c index 387d988a4d..d00616b24e 100644 --- a/source3/smbd/share_access.c +++ b/source3/smbd/share_access.c @@ -131,7 +131,7 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx, } if (*prefix == '&') { if (username) { - if (user_in_netgroup(username, name)) { + if (user_in_netgroup(mem_ctx, username, name)) { return True; } } |