Diffstat (limited to 'source3')
-rw-r--r-- | source3/utils/net.h | 12 | ||||
-rw-r--r-- | source3/utils/net_rpc_samsync.c | 256 |
2 files changed, 144 insertions, 124 deletions
diff --git a/source3/utils/net.h b/source3/utils/net.h index 65c8d75584..e5bd2ab692 100644 --- a/source3/utils/net.h +++ b/source3/utils/net.h @@ -148,13 +148,13 @@ enum netdom_domain_t { ND_TYPE_NT4, ND_TYPE_AD }; /* Structure for mapping accounts to groups */ /* Array element is the group rid */ typedef struct _groupmap { - uint32 rid; - uint32 gidNumber; - fstring sambaSID; - fstring group_dn; + uint32_t rid; + uint32_t gidNumber; + const char *sambaSID; + const char *group_dn; } GROUPMAP; typedef struct _accountmap { - uint32 rid; - fstring cn; + uint32_t rid; + const char *cn; } ACCOUNTMAP; diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index 510baa4f51..cdda0232d8 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c 
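Review bot: The comment above `GROUPMAP` does not say who owns the strings now that `sambaSID`, `group_dn` and `cn` are pointers instead of inline `fstring` buffers. A reader of the header can no longer tell that an entry is only valid while the allocating talloc context lives, or that a field may be NULL before it is populated. I would add `/* sambaSID, group_dn and cn are talloc'ed on the caller's mem_ctx; NULL until populated */` above the two typedefs. Any user outside this diff that still applies `sizeof()` to one of these fields would now get the size of a pointer, so the remaining users are worth checking.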
@@ -1459,100 +1459,114 @@ static NTSTATUS populate_ldap_for_ldif(fstring sid, const char *suffix, const ch return NT_STATUS_OK; } -static NTSTATUS map_populate_groups(GROUPMAP *groupmap, ACCOUNTMAP *accountmap, fstring sid, - const char *suffix, const char *builtin_sid) +static NTSTATUS map_populate_groups(TALLOC_CTX *mem_ctx, + GROUPMAP *groupmap, + ACCOUNTMAP *accountmap, + fstring sid, + const char *suffix, + const char *builtin_sid) { char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ','); /* Map the groups created by populate_ldap_for_ldif */ - groupmap[0].rid = 512; - groupmap[0].gidNumber = 512; - snprintf(groupmap[0].sambaSID, sizeof(groupmap[0].sambaSID), - "%s-512", sid); - snprintf(groupmap[0].group_dn, sizeof(groupmap[0].group_dn), - "cn=Domain Admins,ou=%s,%s", - group_attr, suffix); - accountmap[0].rid = 512; - snprintf(accountmap[0].cn, sizeof(accountmap[0].cn), - "%s", "Domain Admins"); - - groupmap[1].rid = 513; - groupmap[1].gidNumber = 513; - snprintf(groupmap[1].sambaSID, sizeof(groupmap[1].sambaSID), - "%s-513", sid); - snprintf(groupmap[1].group_dn, sizeof(groupmap[1].group_dn), - "cn=Domain Users,ou=%s,%s", - group_attr, suffix); - accountmap[1].rid = 513; - snprintf(accountmap[1].cn, sizeof(accountmap[1].cn), - "%s", "Domain Users"); - - groupmap[2].rid = 514; - groupmap[2].gidNumber = 514; - snprintf(groupmap[2].sambaSID, sizeof(groupmap[2].sambaSID), - "%s-514", sid); - snprintf(groupmap[2].group_dn, sizeof(groupmap[2].group_dn), - "cn=Domain Guests,ou=%s,%s", - group_attr, suffix); - accountmap[2].rid = 514; - snprintf(accountmap[2].cn, sizeof(accountmap[2].cn), - "%s", "Domain Guests"); - - groupmap[3].rid = 515; - groupmap[3].gidNumber = 515; - snprintf(groupmap[3].sambaSID, sizeof(groupmap[3].sambaSID), - "%s-515", sid); - snprintf(groupmap[3].group_dn, sizeof(groupmap[3].group_dn), - "cn=Domain Computers,ou=%s,%s", - group_attr, suffix); - accountmap[3].rid = 515; - snprintf(accountmap[3].cn, sizeof(accountmap[3].cn), - 
"%s", "Domain Computers"); - - groupmap[4].rid = 544; - groupmap[4].gidNumber = 544; - snprintf(groupmap[4].sambaSID, sizeof(groupmap[4].sambaSID), - "%s-544", builtin_sid); - snprintf(groupmap[4].group_dn, sizeof(groupmap[4].group_dn), - "cn=Administrators,ou=%s,%s", - group_attr, suffix); - accountmap[4].rid = 515; - snprintf(accountmap[4].cn, sizeof(accountmap[4].cn), - "%s", "Administrators"); - - groupmap[5].rid = 550; - groupmap[5].gidNumber = 550; - snprintf(groupmap[5].sambaSID, sizeof(groupmap[5].sambaSID), - "%s-550", builtin_sid); - snprintf(groupmap[5].group_dn, sizeof(groupmap[5].group_dn), - "cn=Print Operators,ou=%s,%s", - group_attr, suffix); - accountmap[5].rid = 550; - snprintf(accountmap[5].cn, sizeof(accountmap[5].cn), - "%s", "Print Operators"); - - groupmap[6].rid = 551; - groupmap[6].gidNumber = 551; - snprintf(groupmap[6].sambaSID, sizeof(groupmap[6].sambaSID), - "%s-551", builtin_sid); - snprintf(groupmap[6].group_dn, sizeof(groupmap[6].group_dn), - "cn=Backup Operators,ou=%s,%s", - group_attr, suffix); - accountmap[6].rid = 551; - snprintf(accountmap[6].cn, sizeof(accountmap[6].cn), - "%s", "Backup Operators"); - - groupmap[7].rid = 552; - groupmap[7].gidNumber = 552; - snprintf(groupmap[7].sambaSID, sizeof(groupmap[7].sambaSID), - "%s-552", builtin_sid); - snprintf(groupmap[7].group_dn, sizeof(groupmap[7].group_dn), - "cn=Replicators,ou=%s,%s", - group_attr, suffix); - accountmap[7].rid = 551; - snprintf(accountmap[7].cn, sizeof(accountmap[7].cn), - "%s", "Replicators"); + groupmap[0].rid = 512; + groupmap[0].gidNumber = 512; + groupmap[0].sambaSID = talloc_asprintf(mem_ctx, "%s-512", sid); + groupmap[0].group_dn = talloc_asprintf(mem_ctx, + "cn=Domain Admins,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[0].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[0].group_dn); + + accountmap[0].rid = 512; + accountmap[0].cn = talloc_strdup(mem_ctx, "Domain Admins"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[0].cn); + + 
groupmap[1].rid = 513; + groupmap[1].gidNumber = 513; + groupmap[1].sambaSID = talloc_asprintf(mem_ctx, "%s-513", sid); + groupmap[1].group_dn = talloc_asprintf(mem_ctx, + "cn=Domain Users,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[1].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[1].group_dn); + + accountmap[1].rid = 513; + accountmap[1].cn = talloc_strdup(mem_ctx, "Domain Users"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[1].cn); + + groupmap[2].rid = 514; + groupmap[2].gidNumber = 514; + groupmap[2].sambaSID = talloc_asprintf(mem_ctx, "%s-514", sid); + groupmap[2].group_dn = talloc_asprintf(mem_ctx, + "cn=Domain Guests,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[2].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[2].group_dn); + + accountmap[2].rid = 514; + accountmap[2].cn = talloc_strdup(mem_ctx, "Domain Guests"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[2].cn); + + groupmap[3].rid = 515; + groupmap[3].gidNumber = 515; + groupmap[3].sambaSID = talloc_asprintf(mem_ctx, "%s-515", sid); + groupmap[3].group_dn = talloc_asprintf(mem_ctx, + "cn=Domain Computers,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[3].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[3].group_dn); + + accountmap[3].rid = 515; + accountmap[3].cn = talloc_strdup(mem_ctx, "Domain Computers"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[3].cn); + + groupmap[4].rid = 544; + groupmap[4].gidNumber = 544; + groupmap[4].sambaSID = talloc_asprintf(mem_ctx, "%s-544", builtin_sid); + groupmap[4].group_dn = talloc_asprintf(mem_ctx, + "cn=Administrators,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[4].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[4].group_dn); + + accountmap[4].rid = 515; + accountmap[4].cn = talloc_strdup(mem_ctx, "Administrators"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[4].cn); + + groupmap[5].rid = 550; + groupmap[5].gidNumber = 550; + groupmap[5].sambaSID = talloc_asprintf(mem_ctx, "%s-550", builtin_sid); + 
groupmap[5].group_dn = talloc_asprintf(mem_ctx, + "cn=Print Operators,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[5].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[5].group_dn); + + accountmap[5].rid = 550; + accountmap[5].cn = talloc_strdup(mem_ctx, "Print Operators"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[5].cn); + + groupmap[6].rid = 551; + groupmap[6].gidNumber = 551; + groupmap[6].sambaSID = talloc_asprintf(mem_ctx, "%s-551", builtin_sid); + groupmap[6].group_dn = talloc_asprintf(mem_ctx, + "cn=Backup Operators,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[6].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[6].group_dn); + + accountmap[6].rid = 551; + accountmap[6].cn = talloc_strdup(mem_ctx, "Backup Operators"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[6].cn); + + groupmap[7].rid = 552; + groupmap[7].gidNumber = 552; + groupmap[7].sambaSID = talloc_asprintf(mem_ctx, "%s-552", builtin_sid); + groupmap[7].group_dn = talloc_asprintf(mem_ctx, + "cn=Replicators,ou=%s,%s", group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap[7].sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap[7].group_dn); + + accountmap[7].rid = 551; + accountmap[7].cn = talloc_strdup(mem_ctx, "Replicators"); + NT_STATUS_HAVE_NO_MEMORY(accountmap[7].cn); + SAFE_FREE(group_attr); + return NT_STATUS_OK; } @@ -1617,8 +1631,12 @@ static int fprintf_attr(FILE *add_fd, const char *attr_name, return res; } -static NTSTATUS fetch_group_info_to_ldif(struct netr_DELTA_GROUP *r, GROUPMAP *groupmap, - FILE *add_fd, fstring sid, char *suffix) +static NTSTATUS fetch_group_info_to_ldif(TALLOC_CTX *mem_ctx, + struct netr_DELTA_GROUP *r, + GROUPMAP *groupmap, + FILE *add_fd, + fstring sid, + char *suffix) { fstring groupname; uint32 grouptype = 0, g_rid = 0; 
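Review bot: Every `NT_STATUS_HAVE_NO_MEMORY()` in map_populate_groups returns before the `SAFE_FREE(group_attr)` at the bottom, so the string from `sstring_sub()` leaks on each allocation-failure path. The rewritten entries also keep two mismatched rids, `accountmap[4].rid = 515` beside groupmap rid 544 and `accountmap[7].rid = 551` beside groupmap rid 552. These look like copy-paste slips, but confirm how accountmap is consumed before changing them. A table-driven loop with a single exit removes both problems; the sketch below uses one rid per entry, so it changes those two values, and it prints the rid with `%u`.

```c
	/* body of map_populate_groups; signature unchanged */
	static const struct {
		uint32_t rid;
		const char *cn;
		bool builtin;
	} wk[] = {
		{ 512, "Domain Admins",    false },
		{ 513, "Domain Users",     false },
		{ 514, "Domain Guests",    false },
		{ 515, "Domain Computers", false },
		{ 544, "Administrators",   true  },
		{ 550, "Print Operators",  true  },
		{ 551, "Backup Operators", true  },
		{ 552, "Replicators",      true  },
	};
	NTSTATUS status = NT_STATUS_NO_MEMORY;
	char *group_attr = sstring_sub(lp_ldap_group_suffix(), '=', ',');
	size_t i;

	/* Map the groups created by populate_ldap_for_ldif */
	for (i = 0; i < ARRAY_SIZE(wk); i++) {
		groupmap[i].rid = wk[i].rid;
		groupmap[i].gidNumber = wk[i].rid;
		groupmap[i].sambaSID = talloc_asprintf(mem_ctx, "%s-%u",
				wk[i].builtin ? builtin_sid : sid,
				(unsigned int)wk[i].rid);
		groupmap[i].group_dn = talloc_asprintf(mem_ctx,
				"cn=%s,ou=%s,%s", wk[i].cn, group_attr, suffix);
		accountmap[i].rid = wk[i].rid;
		accountmap[i].cn = talloc_strdup(mem_ctx, wk[i].cn);
		if (groupmap[i].sambaSID == NULL ||
		    groupmap[i].group_dn == NULL ||
		    accountmap[i].cn == NULL) {
			goto done;
		}
	}
	status = NT_STATUS_OK;
done:
	SAFE_FREE(group_attr);
	return status;
```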
@@ -1650,10 +1668,11 @@ static NTSTATUS fetch_group_info_to_ldif(struct netr_DELTA_GROUP *r, GROUPMAP *g g_rid = r->rid; groupmap->rid = g_rid; groupmap->gidNumber = ldif_gid; - snprintf(groupmap->sambaSID, sizeof(groupmap->sambaSID), - "%s-%d", sid, g_rid); - snprintf(groupmap->group_dn, sizeof(groupmap->group_dn), - "cn=%s,ou=%s,%s", groupname, group_attr, suffix); + groupmap->sambaSID = talloc_asprintf(mem_ctx, "%s-%d", sid, g_rid); + groupmap->group_dn = talloc_asprintf(mem_ctx, + "cn=%s,ou=%s,%s", groupname, group_attr, suffix); + NT_STATUS_HAVE_NO_MEMORY(groupmap->sambaSID); + NT_STATUS_HAVE_NO_MEMORY(groupmap->group_dn); /* Write the data to the temporary add ldif file */ fprintf(add_fd, "# %s, %s, %s\n", groupname, group_attr, @@ -1675,7 +1694,8 @@ static NTSTATUS fetch_group_info_to_ldif(struct netr_DELTA_GROUP *r, GROUPMAP *g return NT_STATUS_OK; } -static NTSTATUS fetch_account_info_to_ldif(struct netr_DELTA_USER *r, +static NTSTATUS fetch_account_info_to_ldif(TALLOC_CTX *mem_ctx, + struct netr_DELTA_USER *r, GROUPMAP *groupmap, ACCOUNTMAP *accountmap, FILE *add_fd, @@ -1702,7 +1722,8 @@ static NTSTATUS fetch_account_info_to_ldif(struct netr_DELTA_USER *r, /* Map the rid and username for group member info later */ accountmap->rid = rid; - snprintf(accountmap->cn, sizeof(accountmap->cn), "%s", username); + accountmap->cn = talloc_strdup(mem_ctx, username); + NT_STATUS_HAVE_NO_MEMORY(accountmap->cn); /* Get the home directory */ if (r->acct_flags & ACB_NORMAL) { @@ -1820,7 +1841,8 @@ static NTSTATUS fetch_account_info_to_ldif(struct netr_DELTA_USER *r, return NT_STATUS_OK; } -static NTSTATUS fetch_alias_info_to_ldif(struct netr_DELTA_ALIAS *r, +static NTSTATUS fetch_alias_info_to_ldif(TALLOC_CTX *mem_ctx, + struct netr_DELTA_ALIAS *r, GROUPMAP *groupmap, FILE *add_fd, fstring sid, char *suffix, 
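Review bot: `g_rid` is declared `uint32` but is formatted with `%d` in `talloc_asprintf(mem_ctx, "%s-%d", sid, g_rid)`, so a RID with the top bit set would be written into `sambaSID` as a negative number; use `"%s-%u"` with `(unsigned int)g_rid`. The same format string is carried into the fetch_alias_info_to_ldif hunk (@@ -1872), where the declaration of `g_rid` is outside the hunk. Separately, if `group_attr` in this function is malloc'ed the way it is in map_populate_groups, the two `NT_STATUS_HAVE_NO_MEMORY()` returns added here would skip its release. The function body starts and ends outside the hunk, so that needs checking.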
@@ -1872,8 +1894,8 @@ static NTSTATUS fetch_alias_info_to_ldif(struct netr_DELTA_ALIAS *r, /* Map the group rid and gid */ g_rid = r->rid; groupmap->gidNumber = ldif_gid; - snprintf(groupmap->sambaSID, sizeof(groupmap->sambaSID), - "%s-%d", sid, g_rid); + groupmap->sambaSID = talloc_asprintf(mem_ctx, "%s-%d", sid, g_rid); + NT_STATUS_HAVE_NO_MEMORY(groupmap->sambaSID); /* Write the data to the temporary add ldif file */ fprintf(add_fd, "# %s, %s, %s\n", aliasname, group_attr, @@ -2030,25 +2052,27 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd, /* Allocate initial memory for groupmap and accountmap arrays */ if (init_ldap == 1) { - groupmap = SMB_MALLOC_ARRAY(GROUPMAP, 8); - accountmap = SMB_MALLOC_ARRAY(ACCOUNTMAP, 8); + groupmap = TALLOC_ZERO_ARRAY(mem_ctx, GROUPMAP, 8); + accountmap = TALLOC_ZERO_ARRAY(mem_ctx, ACCOUNTMAP, 8); if (groupmap == NULL || accountmap == NULL) { DEBUG(1,("GROUPMAP malloc failed\n")); ret = NT_STATUS_NO_MEMORY; goto done; } - /* Initialize the arrays */ - memset(groupmap, 0, sizeof(GROUPMAP)*8); - memset(accountmap, 0, sizeof(ACCOUNTMAP)*8); - /* Remember how many we malloced */ num_alloced = 8; /* Initial database population */ - populate_ldap_for_ldif(sid, suffix, builtin_sid, add_file); - map_populate_groups(groupmap, accountmap, sid, suffix, + ret = populate_ldap_for_ldif(sid, suffix, builtin_sid, add_file); + if (!NT_STATUS_IS_OK(ret)) { + goto done; + } + ret = map_populate_groups(mem_ctx, groupmap, accountmap, sid, suffix, builtin_sid); + if (!NT_STATUS_IS_OK(ret)) { + goto done; + } /* Don't do this again */ init_ldap = 0; 
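Review bot: The alias path fills only `gidNumber` and `sambaSID`, so `groupmap->rid` and `groupmap->group_dn` stay untouched for alias entries even though the comment says the rid is mapped. With the old `fstring` layout an unset `group_dn` was an in-struct buffer (empty when zeroed); after this commit it is a NULL or indeterminate pointer, which any later `%s` formatting or string comparison on the entry would dereference. Either set both fields here, as fetch_group_info_to_ldif does with `groupmap->rid = g_rid;`, or document that alias entries carry no DN and make consumers check for NULL. The consumers are outside this hunk, so whether they read these fields for aliases needs confirming.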
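Review bot: The failure message in the initial allocation still reads `GROUPMAP malloc failed` although the arrays now come from `TALLOC_ZERO_ARRAY`; the realloc hunk (@@ -2110) already changed its copy to `talloc failed`. Use `DEBUG(1,("GROUPMAP talloc failed\n"));` here too so both paths log the same text. fetch_database_to_ldif starts and ends outside the hunk.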
@@ -2110,12 +2134,12 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd, num_deltas = delta_enum_array->num_deltas; /* Re-allocate memory for groupmap and accountmap arrays */ - groupmap = SMB_REALLOC_ARRAY(groupmap, GROUPMAP, + groupmap = TALLOC_REALLOC_ARRAY(mem_ctx, groupmap, GROUPMAP, num_deltas+num_alloced); - accountmap = SMB_REALLOC_ARRAY(accountmap, ACCOUNTMAP, + accountmap = TALLOC_REALLOC_ARRAY(mem_ctx, accountmap, ACCOUNTMAP, num_deltas+num_alloced); if (groupmap == NULL || accountmap == NULL) { - DEBUG(1,("GROUPMAP malloc failed\n")); + DEBUG(1,("GROUPMAP talloc failed\n")); ret = NT_STATUS_NO_MEMORY; goto done; } @@ -2145,7 +2169,7 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd, break; case NETR_DELTA_GROUP: - fetch_group_info_to_ldif( + fetch_group_info_to_ldif(mem_ctx, u.group, &groupmap[g_index], add_file, sid, suffix); @@ -2153,7 +2177,7 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd, break; case NETR_DELTA_USER: - fetch_account_info_to_ldif( + fetch_account_info_to_ldif(mem_ctx, u.user, groupmap, &accountmap[a_index], add_file, sid, suffix, num_alloced); @@ -2161,7 +2185,7 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd, break; case NETR_DELTA_ALIAS: - fetch_alias_info_to_ldif( + fetch_alias_info_to_ldif(mem_ctx, u.alias, &groupmap[g_index], add_file, sid, suffix, db_type); g_index++; @@ -2255,10 +2279,6 @@ static NTSTATUS fetch_database_to_ldif(struct rpc_pipe_client *pipe_hnd, fclose(ldif_file); } - /* Deallocate memory for the mapping arrays */ - SAFE_FREE(groupmap); - SAFE_FREE(accountmap); - /* Return */ talloc_destroy(mem_ctx); return ret; |
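Review bot: `TALLOC_REALLOC_ARRAY` does not zero the `num_deltas` elements it appends, and those elements now hold pointers rather than inline buffers, so an entry that is never populated carries indeterminate `sambaSID`/`group_dn`/`cn` pointers. The initial allocation gets zeroing from `TALLOC_ZERO_ARRAY`; the grown tail needs an explicit clear such as `memset(&groupmap[num_alloced], 0, sizeof(GROUPMAP) * num_deltas);` and the same for `accountmap`, unless code just after the hunk already does so. `num_deltas` is read from `delta_enum_array`, presumably filled from the server's reply, so it is also worth confirming that `num_deltas+num_alloced` cannot wrap before it is used as the element count.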
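Review bot: The status returned by `fetch_group_info_to_ldif()` is discarded at the call in the `NETR_DELTA_GROUP` case, and the `NETR_DELTA_USER` and `NETR_DELTA_ALIAS` hunks (@@ -2153, @@ -2161) do the same. The `NT_STATUS_NO_MEMORY` these helpers can now return is therefore lost, and processing continues over a half-filled map entry. This commit already started checking `populate_ldap_for_ldif()` and `map_populate_groups()`, and the same pattern fits here: `ret = fetch_group_info_to_ldif(mem_ctx, u.group, &groupmap[g_index], add_file, sid, suffix);` followed by `if (!NT_STATUS_IS_OK(ret)) goto done;`. The surrounding switch and loop extend outside the hunks, so confirm that `goto done` is valid from inside them.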