From dffd0f379fdbb74533ceab18d199302f3b15a7c9 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 12 Aug 2003 00:46:15 +0000 Subject: Fix for bug 269. Change wbinfo and ntlm_auth to convert domain, username and workstation to utf8 before sending the winbindd request. Also, don't continue when the call to pull_utf8() fails but rather return a winbind error. (This is what was causing the crash) (This used to be commit ca1c463360b75538a93b56a87cbb4a6ee7b6cec6) --- source3/nsswitch/wbinfo.c | 15 ++++++++++++--- source3/nsswitch/winbindd_pam.c | 12 ++++++++---- source3/python/py_winbind.c | 10 ++++++++-- source3/utils/ntlm_auth.c | 20 +++++++++++++++++--- 4 files changed, 45 insertions(+), 12 deletions(-) (limited to 'source3') diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 657d9c83bd..0018e99f60 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -3,7 +3,7 @@ Winbind status program. - Copyright (C) Tim Potter 2000-2002 + Copyright (C) Tim Potter 2000-2003 Copyright (C) Andrew Bartlett 2002 This program is free software; you can redistribute it and/or modify @@ -486,9 +486,18 @@ static BOOL wbinfo_auth_crap(char *username) parse_wbinfo_domain_user(username, name_domain, name_user); - fstrcpy(request.data.auth_crap.user, name_user); + if (push_utf8_fstring(request.data.auth_crap.user, name_user) == -1) { + d_printf("unable to create utf8 string for '%s'\n", + name_user); + return False; + } - fstrcpy(request.data.auth_crap.domain, name_domain); + if (push_utf8_fstring(request.data.auth_crap.domain, + name_domain) == -1) { + d_printf("unable to create utf8 string for '%s'\n", + name_domain); + return False; + } generate_random_buffer(request.data.auth_crap.chal, 8, False); diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index a8908487c1..a89c7ca065 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -226,10 +226,8 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) } /* Ensure null termination */ - state->request.data.auth_crap.user[sizeof(state->request.data.auth_crap.user)-1]='\0'; - - /* Ensure null termination */ - state->request.data.auth_crap.domain[sizeof(state->request.data.auth_crap.domain)-1]='\0'; + state->request.data.auth_crap.user[sizeof(state->request.data.auth_crap.user)-1]=0; + state->request.data.auth_crap.domain[sizeof(state->request.data.auth_crap.domain)-1]=0; if (!(mem_ctx = talloc_init("winbind pam auth crap for (utf8) %s", state->request.data.auth_crap.user))) { DEBUG(0, ("winbindd_pam_auth_crap: could not talloc_init()!\n")); @@ -239,12 +237,16 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) if (pull_utf8_talloc(mem_ctx, &user, state->request.data.auth_crap.user) == (size_t)-1) { DEBUG(0, ("winbindd_pam_auth_crap: pull_utf8_talloc failed!\n")); + result = NT_STATUS_UNSUCCESSFUL; + goto done; } if (*state->request.data.auth_crap.domain) { char *dom = NULL; if (pull_utf8_talloc(mem_ctx, &dom, state->request.data.auth_crap.domain) == (size_t)-1) { DEBUG(0, ("winbindd_pam_auth_crap: pull_utf8_talloc failed!\n")); + result = NT_STATUS_UNSUCCESSFUL; + goto done; } domain = dom; } else if (lp_winbind_use_default_domain()) { @@ -268,6 +270,8 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) char *wrk = NULL; if (pull_utf8_talloc(mem_ctx, &wrk, state->request.data.auth_crap.workstation) == (size_t)-1) { DEBUG(0, ("winbindd_pam_auth_crap: pull_utf8_talloc failed!\n")); + result = NT_STATUS_UNSUCCESSFUL; + goto done; } workstation = wrk; } else { diff --git a/source3/python/py_winbind.c b/source3/python/py_winbind.c index ebceb95d71..6050cfb2a7 100644 --- a/source3/python/py_winbind.c +++ b/source3/python/py_winbind.c @@ -427,7 +427,10 @@ static PyObject *py_auth_crap(PyObject *self, PyObject *args, PyObject *kw) ZERO_STRUCT(request); ZERO_STRUCT(response); - fstrcpy(request.data.auth_crap.user, username); + if (push_utf8_fstring(request.data.auth_crap.user, username) == -1) { + PyErr_SetString("unable to create utf8 string"); + return NULL; + } generate_random_buffer(request.data.auth_crap.chal, 8, False); @@ -473,7 +476,10 @@ static PyObject *py_auth_smbd(PyObject *self, PyObject *args, PyObject *kw) ZERO_STRUCT(request); ZERO_STRUCT(response); - fstrcpy(request.data.smbd_auth_crap.user, username); + if (push_utf8_fstring(request.data.auth_crap.user, username) == -1) { + PyErr_SetString("unable to create utf8 string"); + return NULL; + } generate_random_buffer(request.data.smbd_auth_crap.chal, 8, False); diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 87f49621f4..1489b78927 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -200,10 +200,24 @@ static NTSTATUS contact_winbind_auth_crap(const char *username, request.flags = flags; - fstrcpy(request.data.auth_crap.user, username); + if (push_utf8_fstring(request.data.auth_crap.user, username) == -1) { + *error_string = smb_xstrdup( + "unable to create utf8 string for username"); + return NT_STATUS_UNSUCCESSFUL; + } + + if (push_utf8_fstring(request.data.auth_crap.domain, domain) == -1) { + *error_string = smb_xstrdup( + "unable to create utf8 string for domain"); + return NT_STATUS_UNSUCCESSFUL; + } - fstrcpy(request.data.auth_crap.domain, domain); - fstrcpy(request.data.auth_crap.workstation, workstation); + if (push_utf8_fstring(request.data.auth_crap.workstation, + workstation) == -1) { + *error_string = smb_xstrdup( + "unable to create utf8 string for workstation"); + return NT_STATUS_UNSUCCESSFUL; + } memcpy(request.data.auth_crap.chal, challenge->data, MIN(challenge->length, 8)); -- cgit