summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/lib/util_sid.c16
-rw-r--r--source3/libsmb/cli_reg.c5
-rw-r--r--source3/passdb/pdb_ldap.c14
-rw-r--r--source3/passdb/pdb_tdb.c57
4 files changed, 62 insertions, 30 deletions
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 009cc7742a..d35e8a8ac9 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -375,20 +375,26 @@ const char *sid_string_static(DOM_SID *sid)
BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
{
pstring tok;
- const char *p = sidstr;
+ char *p;
/* BIG NOTE: this function only does SIDS where the identauth is not >= 2^32 */
uint32 ia;
+
+ if (StrnCaseCmp( sidstr, "S-", 2)) {
+ DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
+ return False;
+ }
memset((char *)sidout, '\0', sizeof(DOM_SID));
- if (StrnCaseCmp( sidstr, "S-", 2)) {
- DEBUG(0,("string_to_sid: Sid %s does not start with 'S-'.\n", sidstr));
+ p = strdup(sidstr + 2);
+ if (p == NULL) {
+ DEBUG(0, ("string_to_sid: out of memory!\n"));
return False;
}
- p += 2;
if (!next_token(&p, tok, "-", sizeof(tok))) {
DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+ SAFE_FREE(p);
return False;
}
@@ -397,6 +403,7 @@ BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
if (!next_token(&p, tok, "-", sizeof(tok))) {
DEBUG(0,("string_to_sid: Sid %s is not in a valid format.\n", sidstr));
+ SAFE_FREE(p);
return False;
}
@@ -422,6 +429,7 @@ BOOL string_to_sid(DOM_SID *sidout, const char *sidstr)
sid_append_rid(sidout, (uint32)strtoul(tok, NULL, 10));
}
+ SAFE_FREE(p);
return True;
}
diff --git a/source3/libsmb/cli_reg.c b/source3/libsmb/cli_reg.c
index 948534c29b..b88b3532ef 100644
--- a/source3/libsmb/cli_reg.c
+++ b/source3/libsmb/cli_reg.c
@@ -7,7 +7,7 @@
Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
Copyright (C) Paul Ashton 1997-1998.
Copyright (C) Jeremy Allison 1999.
- Copyright (C) Simo Sorce 2000
+ Copyright (C) Simo Sorce 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -38,8 +38,7 @@ struct cli_state *cli_winreg_initialise(struct cli_state *cli,
/* Shutdown a server */
NTSTATUS cli_reg_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx,
- const char *msg,
- uint32 timeout, uint16 flags)
+ const char *msg, uint32 timeout, uint16 flags)
{
prs_struct qbuf;
prs_struct rbuf;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 215292be48..b9facb3a33 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -70,7 +70,9 @@ ldap_open_connection (LDAP ** ldap_struct)
int port;
int version, rc;
int tls = LDAP_OPT_X_TLS_HARD;
-
+
+ /* there should be an lp_ldap_ssl_port(), what happen if for some
+ reason we need to bind an SSLed LDAP on port 389 ?? ---simo */
if (lp_ldap_ssl() == LDAP_SSL_ON && lp_ldap_port() == 389) {
port = 636;
}
@@ -368,6 +370,11 @@ static BOOL init_sam_from_ldap (SAM_ACCOUNT * sampass,
uint8 *hours;
pstring temp;
+ if (sampass == NULL || ldap_struct == NULL || entry == NULL) {
+ DEBUG(0, ("init_sam_from_ldap: NULL parameters found!\n"));
+ return False;
+ }
+
get_single_attribute(ldap_struct, entry, "uid", username);
DEBUG(2, ("Entry found for user: %s\n", username));
@@ -526,6 +533,11 @@ static BOOL init_ldap_from_sam (LDAPMod *** mods, int ldap_state, const SAM_ACCO
{
pstring temp;
+ if (mods == NULL || sampass == NULL) {
+ DEBUG(0, ("init_ldap_from_sam: NULL parameters found!\n"));
+ return False;
+ }
+
*mods = NULL;
/*
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index fbfdd1aace..8c17bb76ec 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -80,6 +80,11 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf, uint32 bufle
uint32 len = 0;
uint32 lmpwlen, ntpwlen, hourslen;
BOOL ret = True;
+
+ if(sampass == NULL || buf == NULL) {
+ DEBUG(0, ("init_sam_from_buffer: NULL parameters found!\n"));
+ return False;
+ }
/* unpack the buffer into variables */
len = tdb_unpack (buf, buflen, TDB_FORMAT_STRING,
@@ -207,9 +212,11 @@ static uint32 init_buffer_from_sam (uint8 **buf, const SAM_ACCOUNT *sampass)
uint32 nt_pw_len = 16;
/* do we have a valid SAM_ACCOUNT pointer? */
- if (sampass == NULL)
+ if (sampass == NULL) {
+ DEBUG(0, ("init_buffer_from_sam: SAM_ACCOUNT is NULL!\n"));
return -1;
-
+ }
+
*buf = NULL;
buflen = 0;
@@ -404,7 +411,7 @@ void pdb_endsampwent(void)
global_tdb_ent.passwd_tdb = NULL;
}
- DEBUG(7, ("endtdbpwent: closed password file.\n"));
+ DEBUG(7, ("endtdbpwent: closed sam database.\n"));
}
/*****************************************************************
@@ -425,10 +432,10 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
return False;
}
- /* skip all RID entries */
- while ((global_tdb_ent.key.dsize != 0) && (strncmp (global_tdb_ent.key.dptr, prefix, prefixlen)))
+ /* skip all non-USER entries (eg. RIDs) */
+ while ((global_tdb_ent.key.dsize != 0) && (strncmp(global_tdb_ent.key.dptr, prefix, prefixlen)))
/* increment to next in line */
- global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+ global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
/* do we have an valid interation pointer? */
if(global_tdb_ent.passwd_tdb == NULL) {
@@ -436,14 +443,14 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
return False;
}
- data = tdb_fetch (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+ data = tdb_fetch(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
if (!data.dptr) {
DEBUG(5,("pdb_getsampwent: database entry not found.\n"));
return False;
}
/* unpack the buffer */
- if (!init_sam_from_buffer (user, data.dptr, data.dsize)) {
+ if (!init_sam_from_buffer(user, data.dptr, data.dsize)) {
DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
SAFE_FREE(data.dptr);
return False;
@@ -461,11 +468,11 @@ BOOL pdb_getsampwent(SAM_ACCOUNT *user)
uid = pw->pw_uid;
gid = pw->pw_gid;
- pdb_set_uid (user, uid);
- pdb_set_gid (user, gid);
+ pdb_set_uid(user, uid);
+ pdb_set_gid(user, gid);
/* increment to next in line */
- global_tdb_ent.key = tdb_nextkey (global_tdb_ent.passwd_tdb, global_tdb_ent.key);
+ global_tdb_ent.key = tdb_nextkey(global_tdb_ent.passwd_tdb, global_tdb_ent.key);
return True;
}
@@ -495,12 +502,12 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname)
unix_strlower(sname, -1, name, sizeof(name));
get_private_directory(tdbfile);
- pstrcat (tdbfile, PASSDB_FILE_NAME);
+ pstrcat(tdbfile, PASSDB_FILE_NAME);
/* set search key */
slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
key.dptr = keystr;
- key.dsize = strlen (keystr) + 1;
+ key.dsize = strlen(keystr) + 1;
/* open the accounts TDB */
if (!(pwd_tdb = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDONLY, 0600))) {
@@ -509,34 +516,40 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, const char *sname)
}
/* get the record */
- data = tdb_fetch (pwd_tdb, key);
+ data = tdb_fetch(pwd_tdb, key);
if (!data.dptr) {
DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
- tdb_close (pwd_tdb);
+ tdb_close(pwd_tdb);
return False;
}
/* unpack the buffer */
- if (!init_sam_from_buffer (user, data.dptr, data.dsize)) {
+ if (!init_sam_from_buffer(user, data.dptr, data.dsize)) {
DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
SAFE_FREE(data.dptr);
+ tdb_close(pwd_tdb);
return False;
}
SAFE_FREE(data.dptr);
+
+ /* cleanup */
+ tdb_close(pwd_tdb);
/* validate the account and fill in UNIX uid and gid. sys_getpwnam()
- is used instaed of Get_Pwnam() as we do not need to try case
+ is used instead of Get_Pwnam() as we do not need to try case
permutations */
if ((pw=sys_getpwnam(pdb_get_username(user)))) {
uid = pw->pw_uid;
gid = pw->pw_gid;
- pdb_set_uid (user, uid);
- pdb_set_gid (user, gid);
+ pdb_set_uid(user, uid);
+ pdb_set_gid(user, gid);
+ }
+ else {
+ DEBUG(0,("pdb_getsampwent: getpwnam(%s) return NULL. User does not exist!\n",
+ pdb_get_username(user)));
+ return False;
}
-
- /* cleanup */
- tdb_close (pwd_tdb);
return True;
}