diff options
Diffstat (limited to 'source4/dsdb')
-rw-r--r-- | source4/dsdb/common/util.c | 2 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 17 | ||||
-rw-r--r-- | source4/dsdb/schema/schema_init.c | 54 | ||||
-rw-r--r-- | source4/dsdb/schema/schema_syntax.c | 24 |
4 files changed, 58 insertions, 39 deletions
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index b02a162293..19eb3433a9 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -1693,7 +1693,7 @@ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ctx, if (convert_string_talloc_convenience(mem_ctx, lp_iconv_convenience(ldb_get_opaque(ctx, "loadparm")), CH_UTF16, CH_UNIX, new_password->data, new_password->length, - (void **)&new_pass) != -1) { + (void **)&new_pass, NULL, false)) { /* possibly check password complexity */ diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index da4c57463b..56d4c4fe36 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -1307,7 +1307,7 @@ static int setup_password_fields(struct setup_password_fields_io *io) struct ldb_context *ldb; bool ok; int ret; - ssize_t converted_pw_len; + size_t converted_pw_len; ldb = ldb_module_get_ctx(io->ac->module); @@ -1337,10 +1337,9 @@ static int setup_password_fields(struct setup_password_fields_io *io) ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), + if (!convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), CH_UTF8, CH_UTF16, io->n.cleartext_utf8->data, io->n.cleartext_utf8->length, - (void **)&cleartext_utf16_str); - if (converted_pw_len == -1) { + (void **)&cleartext_utf16_str, &converted_pw_len, false)) { ldb_asprintf_errstring(ldb, "setup_password_fields: " "failed to generate UTF16 password from cleartext UTF8 password"); @@ -1355,10 +1354,9 @@ static int setup_password_fields(struct setup_password_fields_io *io) ldb_oom(ldb); return LDB_ERR_OPERATIONS_ERROR; } - converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), + if (!convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), CH_UTF16MUNGED, CH_UTF8, io->n.cleartext_utf16->data, io->n.cleartext_utf16->length, - (void **)&cleartext_utf8_str); - if (converted_pw_len == -1) { + (void **)&cleartext_utf8_str, &converted_pw_len, false)) { /* We can't bail out entirely, as these unconvertable passwords are frustratingly valid */ io->n.cleartext_utf8 = NULL; talloc_free(cleartext_utf8_blob); @@ -1381,10 +1379,9 @@ static int setup_password_fields(struct setup_password_fields_io *io) if (io->n.cleartext_utf8) { struct samr_Password *lm_hash; char *cleartext_unix; - converted_pw_len = convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), + if (convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), CH_UTF8, CH_UNIX, io->n.cleartext_utf8->data, io->n.cleartext_utf8->length, - (void **)&cleartext_unix); - if (converted_pw_len != -1) { + (void **)&cleartext_unix, &converted_pw_len, false)) { lm_hash = talloc(io->ac, struct samr_Password); if (!lm_hash) { ldb_oom(ldb); diff --git a/source4/dsdb/schema/schema_init.c b/source4/dsdb/schema/schema_init.c index 763872cf2b..a67aecd1e8 100644 --- a/source4/dsdb/schema/schema_init.c +++ b/source4/dsdb/schema/schema_init.c @@ -1186,12 +1186,11 @@ static struct drsuapi_DsReplicaAttribute *dsdb_find_object_attr_name(struct dsdb return WERR_INVALID_PARAM; \ } \ if (_a && _a->value_ctr.num_values >= 1) { \ - ssize_t _ret; \ - _ret = convert_string_talloc_convenience(mem_ctx, s->iconv_convenience, CH_UTF16, CH_UNIX, \ + size_t _ret; \ + if (!convert_string_talloc_convenience(mem_ctx, s->iconv_convenience, CH_UTF16, CH_UNIX, \ _a->value_ctr.values[0].blob->data, \ _a->value_ctr.values[0].blob->length, \ - (void **)discard_const(&(p)->elem)); \ - if (_ret == -1) { \ + (void **)discard_const(&(p)->elem), &_ret, false)) { \ DEBUG(0,("%s: invalid data!\n", attr)); \ dump_data(0, \ _a->value_ctr.values[0].blob->data, \ @@ -1203,6 +1202,34 @@ static struct drsuapi_DsReplicaAttribute *dsdb_find_object_attr_name(struct dsdb } \ } while (0) +#define GET_STRING_LIST_DS(s, r, attr, mem_ctx, p, elem, strict) do { \ + int get_string_list_counter; \ + struct drsuapi_DsReplicaAttribute *_a; \ + _a = dsdb_find_object_attr_name(s, r, attr, NULL); \ + if (strict && !_a) { \ + d_printf("%s: %s == NULL\n", __location__, attr); \ + return WERR_INVALID_PARAM; \ + } \ + (p)->elem = _a ? talloc_array(mem_ctx, const char *, _a->value_ctr.num_values + 1) : NULL; \ + for (get_string_list_counter=0; \ + _a && get_string_list_counter < _a->value_ctr.num_values; \ + get_string_list_counter++) { \ + size_t _ret; \ + if (!convert_string_talloc_convenience(mem_ctx, s->iconv_convenience, CH_UTF16, CH_UNIX, \ + _a->value_ctr.values[get_string_list_counter].blob->data, \ + _a->value_ctr.values[get_string_list_counter].blob->length, \ + (void **)discard_const(&(p)->elem[get_string_list_counter]), &_ret, false)) { \ + DEBUG(0,("%s: invalid data!\n", attr)); \ + dump_data(0, \ + _a->value_ctr.values[get_string_list_counter].blob->data, \ + _a->value_ctr.values[get_string_list_counter].blob->length); \ + return WERR_FOOBAR; \ + } \ + (p)->elem[get_string_list_counter+1] = NULL; \ + } \ + talloc_steal(mem_ctx, (p)->elem); \ +} while (0) + #define GET_DN_DS(s, r, attr, mem_ctx, p, elem, strict) do { \ struct drsuapi_DsReplicaAttribute *_a; \ _a = dsdb_find_object_attr_name(s, r, attr, NULL); \ @@ -1413,17 +1440,18 @@ WERROR dsdb_class_from_drsuapi(struct dsdb_schema *schema, GET_STRING_DS(schema, r, "subClassOf", mem_ctx, obj, subClassOf, true); - obj->systemAuxiliaryClass = NULL; - obj->systemPossSuperiors = NULL; - obj->systemMustContain = NULL; - obj->systemMayContain = NULL; - obj->auxiliaryClass = NULL; - obj->possSuperiors = NULL; - obj->mustContain = NULL; - obj->mayContain = NULL; + GET_STRING_LIST_DS(schema, r, "systemAuxiliaryClass", mem_ctx, obj, systemAuxiliaryClass, false); + GET_STRING_LIST_DS(schema, r, "auxiliaryClass", mem_ctx, obj, auxiliaryClass, false); + + GET_STRING_LIST_DS(schema, r, "systemMustContain", mem_ctx, obj, systemMustContain, false); + GET_STRING_LIST_DS(schema, r, "systemMayContain", mem_ctx, obj, systemMayContain, false); + GET_STRING_LIST_DS(schema, r, "mustContain", mem_ctx, obj, mustContain, false); + GET_STRING_LIST_DS(schema, r, "mayContain", mem_ctx, obj, mayContain, false); - obj->possibleInferiors = NULL; + GET_STRING_LIST_DS(schema, r, "systemPossSuperiors", mem_ctx, obj, systemPossSuperiors, false); + GET_STRING_LIST_DS(schema, r, "possSuperiors", mem_ctx, obj, possSuperiors, false); + GET_STRING_LIST_DS(schema, r, "possibleInferiors", mem_ctx, obj, possibleInferiors, false); GET_STRING_DS(schema, r, "defaultSecurityDescriptor", mem_ctx, obj, defaultSecurityDescriptor, false); diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index 4141026b7e..27c9a6c4a4 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -779,7 +779,6 @@ static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(struct ldb_context *ldb, W_ERROR_HAVE_NO_MEMORY(out->values); for (i=0; i < out->num_values; i++) { - ssize_t ret; char *str; if (in->value_ctr.values[i].blob == NULL) { @@ -790,13 +789,12 @@ static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(struct ldb_context *ldb, return WERR_FOOBAR; } - ret = convert_string_talloc_convenience(out->values, + if (!convert_string_talloc_convenience(out->values, schema->iconv_convenience, CH_UTF16, CH_UNIX, in->value_ctr.values[i].blob->data, in->value_ctr.values[i].blob->length, - (void **)&str); - if (ret == -1) { + (void **)&str, NULL, false)) { return WERR_FOOBAR; } @@ -835,11 +833,10 @@ static WERROR dsdb_syntax_UNICODE_ldb_to_drsuapi(struct ldb_context *ldb, out->value_ctr.values[i].blob = &blobs[i]; - ret = convert_string_talloc_convenience(blobs, schema->iconv_convenience, CH_UNIX, CH_UTF16, + if (!convert_string_talloc_convenience(blobs, schema->iconv_convenience, CH_UNIX, CH_UTF16, in->values[i].data, in->values[i].length, - (void **)&blobs[i].data); - if (ret == -1) { + (void **)&blobs[i].data, NULL, false)) { return WERR_FOOBAR; } blobs[i].length = ret; @@ -1145,7 +1142,6 @@ static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(struct ldb_context for (i=0; i < out->num_values; i++) { uint32_t len; - ssize_t ret; char *str; if (in->value_ctr.values[i].blob == NULL) { @@ -1162,11 +1158,10 @@ static WERROR dsdb_syntax_PRESENTATION_ADDRESS_drsuapi_to_ldb(struct ldb_context return WERR_FOOBAR; } - ret = convert_string_talloc_convenience(out->values, schema->iconv_convenience, CH_UTF16, CH_UNIX, + if (!convert_string_talloc_convenience(out->values, schema->iconv_convenience, CH_UTF16, CH_UNIX, in->value_ctr.values[i].blob->data+4, in->value_ctr.values[i].blob->length-4, - (void **)&str); - if (ret == -1) { + (void **)&str, NULL, false)) { return WERR_FOOBAR; } @@ -1202,15 +1197,14 @@ static WERROR dsdb_syntax_PRESENTATION_ADDRESS_ldb_to_drsuapi(struct ldb_context for (i=0; i < in->num_values; i++) { uint8_t *data; - ssize_t ret; + size_t ret; out->value_ctr.values[i].blob = &blobs[i]; - ret = convert_string_talloc_convenience(blobs, schema->iconv_convenience, CH_UNIX, CH_UTF16, + if (!convert_string_talloc_convenience(blobs, schema->iconv_convenience, CH_UNIX, CH_UTF16, in->values[i].data, in->values[i].length, - (void **)&data); - if (ret == -1) { + (void **)&data, &ret, false)) { return WERR_FOOBAR; } |