Diffstat (limited to 'source3')
-rw-r--r--source3/include/passdb.h34
-rw-r--r--source3/include/proto.h6
-rw-r--r--source3/include/smbldap.h2
-rw-r--r--source3/lib/smbldap.c20
-rw-r--r--source3/lib/util_sid.c16
-rw-r--r--source3/lib/util_str.c7
-rw-r--r--source3/lib/util_uuid.c4
-rw-r--r--source3/libads/ldap.c14
-rw-r--r--source3/libads/ldap_schema.c4
-rw-r--r--source3/nmbd/nmbd_processlogon.c2
-rw-r--r--source3/passdb/pdb_interface.c6
-rwxr-xr-xsource3/script/tests/selftest.sh12
-rw-r--r--source3/winbindd/idmap_ad.c8
-rw-r--r--source3/winbindd/winbindd_ads.c14
14 files changed, 82 insertions, 67 deletions
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 9cbc6bd340..03d9f56c5a 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -5,17 +5,17 @@
Copyright (C) Luke Kenneth Casson Leighton 1998 - 2000
Copyright (C) Andrew Bartlett 2002
Copyright (C) Simo Sorce 2003
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -118,7 +118,7 @@ struct samu {
time_t pass_last_set_time; /* password last set time */
time_t pass_can_change_time; /* password can change time */
time_t pass_must_change_time; /* password must change time */
-
+
const char *username; /* UNIX username string */
const char *domain; /* Windows Domain name */
const char *nt_username; /* Windows username string */
@@ -131,22 +131,22 @@ struct samu {
const char *workstations; /* login from workstations string */
const char *comment;
const char *munged_dial; /* munged path name and dial-back tel number */
-
+
DOM_SID user_sid;
DOM_SID *group_sid;
-
+
DATA_BLOB lm_pw; /* .data is Null if no password */
DATA_BLOB nt_pw; /* .data is Null if no password */
DATA_BLOB nt_pw_his; /* nt hashed password history .data is Null if not available */
char* plaintext_pw; /* is Null if not available */
-
+
uint32 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
uint32 fields_present; /* 0x00ff ffff */
-
+
uint16 logon_divs; /* 168 - number of hours in a week */
uint32 hours_len; /* normally 21 bytes */
uint8 hours[MAX_HOURS_LEN];
-
+
/* Was unknown_5. */
uint16 bad_password_count;
uint16 logon_count;
@@ -158,7 +158,7 @@ struct samu {
const struct pdb_methods *backend_private_methods;
void *backend_private_data;
void (*backend_private_data_free_fn)(void **);
-
+
/* maintain a copy of the user's struct passwd */
struct passwd *unix_pw;
@@ -221,7 +221,7 @@ struct pdb_methods
const char *name; /* What name got this module */
NTSTATUS (*getsampwnam)(struct pdb_methods *, struct samu *sam_acct, const char *username);
-
+
NTSTATUS (*getsampwsid)(struct pdb_methods *, struct samu *sam_acct, const DOM_SID *sid);
NTSTATUS (*create_user)(struct pdb_methods *, TALLOC_CTX *tmp_ctx,
@@ -230,15 +230,15 @@ struct pdb_methods
NTSTATUS (*delete_user)(struct pdb_methods *, TALLOC_CTX *tmp_ctx,
struct samu *sam_acct);
-
+
NTSTATUS (*add_sam_account)(struct pdb_methods *, struct samu *sampass);
-
+
NTSTATUS (*update_sam_account)(struct pdb_methods *, struct samu *sampass);
-
+
NTSTATUS (*delete_sam_account)(struct pdb_methods *, struct samu *username);
-
+
NTSTATUS (*rename_sam_account)(struct pdb_methods *, struct samu *oldname, const char *newname);
-
+
NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, bool success);
NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid);
@@ -378,7 +378,7 @@ struct pdb_methods
struct trustdom_info ***domains);
void *private_data; /* Private data of some kind */
-
+
void (*free_private_data)(void **);
};
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 342c1432eb..2217b3315b 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1298,7 +1298,7 @@ int sid_compare(const DOM_SID *sid1, const DOM_SID *sid2);
int sid_compare_domain(const DOM_SID *sid1, const DOM_SID *sid2);
bool sid_equal(const DOM_SID *sid1, const DOM_SID *sid2);
bool non_mappable_sid(DOM_SID *sid);
-char *sid_binstring(const DOM_SID *sid);
+char *sid_binstring(TALLOC_CTX *mem_ctx, const DOM_SID *sid);
char *sid_binstring_hex(const DOM_SID *sid);
DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, const DOM_SID *src);
NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
@@ -1502,7 +1502,7 @@ void strupper_m(char *s);
size_t strlen_m(const char *s);
size_t strlen_m_term(const char *s);
size_t strlen_m_term_null(const char *s);
-char *binary_string_rfc2254(char *buf, int len);
+char *binary_string_rfc2254(TALLOC_CTX *mem_ctx, const uint8_t *buf, int len);
char *binary_string(char *buf, int len);
int fstr_sprintf(fstring s, const char *fmt, ...);
bool str_list_sub_basic( char **list, const char *smb_name,
@@ -1595,7 +1595,7 @@ int islower_ascii(int c);
void smb_uuid_pack(const struct GUID uu, UUID_FLAT *ptr);
void smb_uuid_unpack(const UUID_FLAT in, struct GUID *uu);
-char *guid_binstring(const struct GUID *guid);
+char *guid_binstring(TALLOC_CTX *mem_ctx, const struct GUID *guid);
/* The following definitions come from lib/version.c */
diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
index 3ac770a548..c28d43d53b 100644
--- a/source3/include/smbldap.h
+++ b/source3/include/smbldap.h
@@ -214,6 +214,8 @@ char * smbldap_talloc_single_attribute(LDAP *ldap_struct, LDAPMessage *entry,
char * smbldap_talloc_smallest_attribute(LDAP *ldap_struct, LDAPMessage *entry,
const char *attribute,
TALLOC_CTX *mem_ctx);
+bool smbldap_pull_sid(LDAP *ld, LDAPMessage *msg, const char *attrib,
+ struct dom_sid *sid);
void talloc_autofree_ldapmsg(TALLOC_CTX *mem_ctx, LDAPMessage *result);
void talloc_autofree_ldapmod(TALLOC_CTX *mem_ctx, LDAPMod **mod);
char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 4360d3ab57..b6921c329c 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -389,6 +389,26 @@ ATTRIB_MAP_ENTRY sidmap_attr_list[] = {
return result;
}
+ bool smbldap_pull_sid(LDAP *ld, LDAPMessage *msg, const char *attrib,
+ struct dom_sid *sid)
+{
+ struct berval **values;
+ bool ret = False;
+
+ values = ldap_get_values_len(ld, msg, attrib);
+
+ if (!values) {
+ return false;
+ }
+
+ if (values[0] != NULL) {
+ ret = sid_parse(values[0]->bv_val, values[0]->bv_len, sid);
+ }
+
+ ldap_value_free_len(values);
+ return ret;
+}
+
static int ldapmsg_destructor(LDAPMessage **result) {
ldap_msgfree(*result);
return 0;
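Review bot: smbldap_pull_sid is added without a header comment, and it passes a server-supplied length to the parser unchanged: `values[0]->bv_len` comes from the LDAP reply and goes straight into `sid_parse`, whose bounds checking is not visible in this hunk. A comment such as `/* Parse the first value of attrib as a binary SID; returns false if the attribute is absent or does not parse. */` would state the contract. It is also worth confirming that sid_parse rejects a length that disagrees with the encoded sub-authority count. The body mixes `False` and `false`, and the definition line begins with a stray space before `bool`.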
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 97284afae7..9e5d4d38a5 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -520,16 +520,18 @@ bool non_mappable_sid(DOM_SID *sid)
Caller must free.
*****************************************************************/
-char *sid_binstring(const DOM_SID *sid)
+char *sid_binstring(TALLOC_CTX *mem_ctx, const DOM_SID *sid)
{
- char *buf, *s;
+ uint8_t *buf;
+ char *s;
int len = ndr_size_dom_sid(sid, NULL, 0);
- buf = (char *)SMB_MALLOC(len);
- if (!buf)
+ buf = talloc_array(mem_ctx, uint8_t, len);
+ if (!buf) {
return NULL;
- sid_linearize(buf, len, sid);
- s = binary_string_rfc2254(buf, len);
- free(buf);
+ }
+ sid_linearize((char *)buf, len, sid);
+ s = binary_string_rfc2254(mem_ctx, buf, len);
+ TALLOC_FREE(buf);
return s;
}
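Review bot: The header comment above sid_binstring still says `Caller must free.`, but the returned string is now talloc memory parented to `mem_ctx`. A caller that follows the comment and hands the result to free() or SAFE_FREE would be releasing memory with the wrong allocator. Suggested wording: `Result is talloc-allocated on mem_ctx; release with TALLOC_FREE, never free().` The same stale wording sits above binary_string_rfc2254 in util_str.c and guid_binstring in util_uuid.c.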
diff --git a/source3/lib/util_str.c b/source3/lib/util_str.c
index 3a941f2c21..cdd7d0a300 100644
--- a/source3/lib/util_str.c
+++ b/source3/lib/util_str.c
@@ -1529,14 +1529,15 @@ size_t strlen_m_term_null(const char *s)
Caller must free.
**/
-char *binary_string_rfc2254(char *buf, int len)
+char *binary_string_rfc2254(TALLOC_CTX *mem_ctx, const uint8_t *buf, int len)
{
char *s;
int i, j;
const char *hex = "0123456789ABCDEF";
- s = (char *)SMB_MALLOC(len * 3 + 1);
- if (!s)
+ s = talloc_array(mem_ctx, char, len * 3 + 1);
+ if (s == NULL) {
return NULL;
+ }
for (j=i=0;i<len;i++) {
s[j] = '\\';
s[j+1] = hex[((unsigned char)buf[i]) >> 4];
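Review bot: `len * 3 + 1` is evaluated in `int` before it reaches talloc_array, so a negative `len` becomes a huge element count and a very large `len` overflows, which is undefined for signed arithmetic. The callers visible in this commit pass a SID size and `UUID_FLAT_SIZE`, so this is hardening rather than a known fault. A guard such as `if (len < 0 || len > (INT_MAX - 1) / 3) { return NULL; }` ahead of the allocation would close it. The `(unsigned char)` cast on `buf[i]` is redundant now that `buf` is `const uint8_t *`. The loop body continues past the end of the hunk.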
diff --git a/source3/lib/util_uuid.c b/source3/lib/util_uuid.c
index c681b66d34..656ba2a57c 100644
--- a/source3/lib/util_uuid.c
+++ b/source3/lib/util_uuid.c
@@ -43,11 +43,11 @@ void smb_uuid_unpack(const UUID_FLAT in, struct GUID *uu)
Caller must free.
*****************************************************************/
-char *guid_binstring(const struct GUID *guid)
+char *guid_binstring(TALLOC_CTX *mem_ctx, const struct GUID *guid)
{
UUID_FLAT guid_flat;
smb_uuid_pack(*guid, &guid_flat);
- return binary_string_rfc2254((char *)guid_flat.info, UUID_FLAT_SIZE);
+ return binary_string_rfc2254(mem_ctx, guid_flat.info, UUID_FLAT_SIZE);
}
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 588c0a131c..3e5764a598 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -2619,19 +2619,7 @@ int ads_count_replies(ADS_STRUCT *ads, void *res)
bool ads_pull_sid(ADS_STRUCT *ads, LDAPMessage *msg, const char *field,
DOM_SID *sid)
{
- struct berval **values;
- bool ret = False;
-
- values = ldap_get_values_len(ads->ldap.ld, msg, field);
-
- if (!values)
- return False;
-
- if (values[0])
- ret = sid_parse(values[0]->bv_val, values[0]->bv_len, sid);
-
- ldap_value_free_len(values);
- return ret;
+ return smbldap_pull_sid(ads->ldap.ld, msg, field, sid);
}
/**
diff --git a/source3/libads/ldap_schema.c b/source3/libads/ldap_schema.c
index b5d2d35889..a841fbdca8 100644
--- a/source3/libads/ldap_schema.c
+++ b/source3/libads/ldap_schema.c
@@ -122,7 +122,7 @@ const char *ads_get_attrname_by_guid(ADS_STRUCT *ads,
goto done;
}
- guid_bin = guid_binstring(schema_guid);
+ guid_bin = guid_binstring(mem_ctx, schema_guid);
if (!guid_bin) {
goto done;
}
@@ -145,7 +145,7 @@ const char *ads_get_attrname_by_guid(ADS_STRUCT *ads,
result = ads_pull_string(ads, mem_ctx, res, "lDAPDisplayName");
done:
- SAFE_FREE(guid_bin);
+ TALLOC_FREE(guid_bin);
ads_msgfree(ads, res);
return result;
diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c
index 43e80af394..4a993c9d83 100644
--- a/source3/nmbd/nmbd_processlogon.c
+++ b/source3/nmbd/nmbd_processlogon.c
@@ -187,7 +187,7 @@ static void nmbd_proxy_logon(struct nmbd_proxy_logon_context *ctx,
(ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_packet);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
- DEBUG(0,("failed parse nbt_letlogon_packet: %s\n",
+ DEBUG(0,("failed parse nbt_netlogon_packet: %s\n",
nt_errstr(status)));
TALLOC_FREE(state);
return;
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 340867a5a6..b4e1bd436c 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1711,7 +1711,7 @@ static NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods,
static int pdb_search_destructor(struct pdb_search *search)
{
- if (!search->search_ended) {
+ if ((!search->search_ended) && (search->search_end != NULL)) {
search->search_end(search);
}
return 0;
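Review bot: The added `search->search_end != NULL` test in pdb_search_destructor has no comment saying when the callback can legitimately be unset. A line such as `/* search_end stays NULL until a backend installs its callbacks after pdb_search_init() */` would explain why skipping the call is safe. If a backend can acquire state before it sets search_end, that state would now be left to talloc alone; the backends are not part of this diff, so that ordering should be confirmed.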
@@ -1733,6 +1733,7 @@ struct pdb_search *pdb_search_init(TALLOC_CTX *mem_ctx,
result->num_entries = 0;
result->cache_size = 0;
result->search_ended = False;
+ result->search_end = NULL;
/* Segfault appropriately if not initialized */
result->next_entry = NULL;
@@ -2021,7 +2022,8 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods )
{
/* allocate memory for the structure as its own talloc CTX */
- if ( !(*methods = TALLOC_ZERO_P(talloc_autofree_context(), struct pdb_methods) ) ) {
+ *methods = talloc_zero(talloc_autofree_context(), struct pdb_methods);
+ if (*methods == NULL) {
return NT_STATUS_NO_MEMORY;
}
diff --git a/source3/script/tests/selftest.sh b/source3/script/tests/selftest.sh
index 1f3ad761b2..956c5af77b 100755
--- a/source3/script/tests/selftest.sh
+++ b/source3/script/tests/selftest.sh
@@ -216,11 +216,13 @@ cat >$SERVERCONFFILE<<EOF
lanman auth = yes
time server = yes
- add user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
- add group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_GROUP --type group --action add --name %g
- add machine script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
- delete user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_PASSWD --type passwd --action delete --name %u
- delete group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_GROUP --type group --action delete --name %g
+ add user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --passwd_path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
+ add group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type group --action add --name %g
+ add user to group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type member --action add --name %g --member %u --passwd_path $NSS_WRAPPER_PASSWD
+ add machine script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --passwd_path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
+ delete user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --passwd_path $NSS_WRAPPER_PASSWD --type passwd --action delete --name %u
+ delete group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type group --action delete --name %g
+ delete user from group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type member --action delete --name %g --member %u --passwd_path $NSS_WRAPPER_PASSWD
kernel oplocks = no
kernel change notify = no
diff --git a/source3/winbindd/idmap_ad.c b/source3/winbindd/idmap_ad.c
index 5c29ba0b22..3791a86876 100644
--- a/source3/winbindd/idmap_ad.c
+++ b/source3/winbindd/idmap_ad.c
@@ -570,10 +570,10 @@ again:
ids[idx]->status = ID_UNKNOWN;
- sidstr = sid_binstring(ids[idx]->sid);
+ sidstr = sid_binstring(talloc_tos(), ids[idx]->sid);
filter = talloc_asprintf_append_buffer(filter, "(objectSid=%s)", sidstr);
- free(sidstr);
+ TALLOC_FREE(sidstr);
CHECK_ALLOC_DONE(filter);
}
filter = talloc_asprintf_append_buffer(filter, "))");
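Review bot: `sidstr` is passed to the `%s` conversion in talloc_asprintf_append_buffer without a NULL check, although sid_binstring returns NULL when its allocation fails. Formatting a NULL string is undefined and at best produces an LDAP filter that does not name the intended SID. Adding `CHECK_ALLOC_DONE(sidstr);` directly after the sid_binstring call would handle it, assuming the macro does for sidstr what it does for `filter` two lines later. The same unchecked use appears in nss_ad_get_info further down this file and in query_user in winbindd_ads.c, whereas lookup_groupmem does check the result. The enclosing loop and function start outside the hunk.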
@@ -894,9 +894,9 @@ static NTSTATUS nss_ad_get_info( struct nss_domain_entry *e,
attrs[2] = ctx->ad_schema->posix_gecos_attr;
attrs[3] = ctx->ad_schema->posix_gidnumber_attr;
- sidstr = sid_binstring(sid);
+ sidstr = sid_binstring(mem_ctx, sid);
filter = talloc_asprintf(mem_ctx, "(objectSid=%s)", sidstr);
- SAFE_FREE(sidstr);
+ TALLOC_FREE(sidstr);
if (!filter) {
nt_status = NT_STATUS_NO_MEMORY;
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index dcf5623d29..0f40419a0e 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -524,14 +524,14 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
goto done;
}
- sidstr = sid_binstring(sid);
+ sidstr = sid_binstring(talloc_tos(), sid);
if (asprintf(&ldap_exp, "(objectSid=%s)", sidstr) == -1) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
rc = ads_search_retry(ads, &msg, ldap_exp, attrs);
free(ldap_exp);
- free(sidstr);
+ TALLOC_FREE(sidstr);
if (!ADS_ERR_OK(rc) || !msg) {
DEBUG(1,("query_user(sid=%s) ads_search: %s\n",
sid_string_dbg(sid), ads_errstr(rc)));
@@ -1011,21 +1011,19 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
goto done;
}
- if ((sidbinstr = sid_binstring(group_sid)) == NULL) {
+ if ((sidbinstr = sid_binstring(talloc_tos(), group_sid)) == NULL) {
status = NT_STATUS_NO_MEMORY;
goto done;
}
/* search for all members of the group */
- if (!(ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)",
- sidbinstr)))
- {
- SAFE_FREE(sidbinstr);
+ ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)", sidbinstr);
+ TALLOC_FREE(sidbinstr);
+ if (ldap_exp == NULL) {
DEBUG(1, ("ads: lookup_groupmem: talloc_asprintf for ldap_exp failed!\n"));
status = NT_STATUS_NO_MEMORY;
goto done;
}
- SAFE_FREE(sidbinstr);
args.control = ADS_EXTENDED_DN_OID;
args.val = ADS_EXTENDED_DN_HEX_STRING;