mirror of
https://github.com/altlinux/admc.git
synced 2025-03-22 14:50:36 +03:00
Implement smb context wrapper to fix potential memleaks
This commit is contained in:
Semyon Knyazev
parent
5c16cccac8
commit
cfc15ef94f
@ -89,6 +89,7 @@ set(ADLDAP_SAMBA_SOURCES
|
||||
samba/ndr_misc.c
|
||||
samba/libsmb_xattr.c
|
||||
samba/security_descriptor.c
|
||||
samba/smb_context.cpp
|
||||
)
|
||||
|
||||
if (VERSION_SMB_MINOR LESS 20)
|
||||
|
||||
@ -32,6 +32,7 @@
|
||||
#include "samba/libsmb_xattr.h"
|
||||
#include "samba/ndr_security.h"
|
||||
#include "samba/security_descriptor.h"
|
||||
#include "samba/smb_context.h"
|
||||
|
||||
#include "ad_filter.h"
|
||||
|
||||
@ -96,7 +97,7 @@ QString AdInterfacePrivate::s_custom_domain = QString();
|
||||
void *AdInterfacePrivate::s_sasl_nocanon = LDAP_OPT_ON;
|
||||
int AdInterfacePrivate::s_port = 0;
|
||||
CertStrategy AdInterfacePrivate::s_cert_strat = CertStrategy_Never;
|
||||
SMBCCTX *AdInterfacePrivate::smbc = NULL;
|
||||
SMBContext AdInterfacePrivate::s_smb_context = SMBContext();
|
||||
QMutex AdInterfacePrivate::mutex;
|
||||
|
||||
void get_auth_data_fn(const char *pServer, const char *pShare, char *pWorkgroup, int maxLenWorkgroup, char *pUsername, int maxLenUsername, char *pPassword, int maxLenPassword) {
|
||||
@ -160,12 +161,8 @@ AdInterface::AdInterface() {
|
||||
return;
|
||||
}
|
||||
|
||||
// Initialize SMB context
|
||||
|
||||
// NOTE: initialize only once, because otherwise
|
||||
// wouldn't be able to have multiple active
|
||||
// AdInterface's instances at the same time
|
||||
if (!init_smb_context()) {
|
||||
if (!d->s_smb_context.is_valid()) {
|
||||
d->error_message(connect_error_context, tr("Failed to initialize SMB context."));
|
||||
return;
|
||||
}
|
||||
|
||||
@ -1616,23 +1613,6 @@ void AdInterface::ldap_free() {
|
||||
}
|
||||
}
|
||||
|
||||
bool AdInterface::init_smb_context() {
|
||||
const QString connect_error_context = tr("Failed to connect.");
|
||||
|
||||
if (AdInterfacePrivate::smbc == NULL) {
|
||||
AdInterfacePrivate::smbc = smbc_new_context();
|
||||
smbc_setOptionUseKerberos(AdInterfacePrivate::smbc, true);
|
||||
smbc_setOptionFallbackAfterKerberos(AdInterfacePrivate::smbc, true);
|
||||
if (!smbc_init_context(AdInterfacePrivate::smbc)) {
|
||||
d->error_message(connect_error_context, tr("Failed to initialize SMB context."));
|
||||
|
||||
return false;
|
||||
}
|
||||
smbc_set_context(AdInterfacePrivate::smbc);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
bool AdInterface::gpo_check_perms(const QString &gpo, bool *ok) {
|
||||
// NOTE: skip perms check for non-admins, because don't
|
||||
// have enough rights to get full sd
|
||||
@ -1662,7 +1642,8 @@ bool AdInterface::gpo_check_perms(const QString &gpo, bool *ok) {
|
||||
const QString gpt_sd = [&]() {
|
||||
const QString filesys_path = gpc_object.get_string(ATTRIBUTE_GPC_FILE_SYS_PATH);
|
||||
const QString smb_path = filesys_path_to_smb_path(filesys_path);
|
||||
const char *smb_path_cstr = cstr(smb_path);
|
||||
QByteArray smb_path_array = smb_path.toUtf8();
|
||||
const char *smb_path_cstr = smb_path_array;
|
||||
|
||||
// NOTE: the length of gpt sd string doesn't have a
|
||||
// well defined bound, so we have to use an
|
||||
@ -1671,7 +1652,7 @@ bool AdInterface::gpo_check_perms(const QString &gpo, bool *ok) {
|
||||
char *buffer = (char *) malloc(buffer_size);
|
||||
|
||||
while (true) {
|
||||
const int getxattr_result = smbc_getxattr(smb_path_cstr, "system.nt_sec_desc.*", buffer, buffer_size);
|
||||
const int getxattr_result = d->s_smb_context.smbcGetxattr(smb_path_cstr, "system.nt_sec_desc.*", buffer, buffer_size);
|
||||
|
||||
// NOTE: for some reason getxattr() returns positive
|
||||
// non-zero return code on success, even though f-n
|
||||
@ -2070,8 +2051,11 @@ void AdInterface::update_dc() {
|
||||
|
||||
// Reinit ldap connection with updated DC
|
||||
ldap_free();
|
||||
d->is_connected = ldap_init();
|
||||
d->is_connected = init_smb_context();
|
||||
if (!d->s_smb_context.is_valid()) {
|
||||
d->s_smb_context = SMBContext();
|
||||
}
|
||||
|
||||
d->is_connected = ldap_init() && d->s_smb_context.is_valid();
|
||||
}
|
||||
|
||||
QList<QString> get_domain_hosts(const QString &domain, const QString &site) {
|
||||
|
||||
@ -189,7 +189,6 @@ private:
|
||||
|
||||
bool ldap_init();
|
||||
void ldap_free();
|
||||
bool init_smb_context();
|
||||
};
|
||||
|
||||
QList<QString> get_domain_hosts(const QString &domain, const QString &site);
|
||||
|
||||
@ -25,11 +25,12 @@
|
||||
#include <QList>
|
||||
#include <QMutex>
|
||||
|
||||
#include "samba/smb_context.h"
|
||||
|
||||
class AdInterface;
|
||||
class AdConfig;
|
||||
class QString;
|
||||
typedef struct ldap LDAP;
|
||||
typedef struct _SMBCCTX SMBCCTX;
|
||||
|
||||
class AdInterfacePrivate {
|
||||
Q_DECLARE_TR_FUNCTIONS(AdInterfacePrivate)
|
||||
@ -70,7 +71,8 @@ private:
|
||||
static bool s_domain_is_default;
|
||||
static QString s_custom_domain;
|
||||
static CertStrategy s_cert_strat;
|
||||
static SMBCCTX *smbc;
|
||||
static SMBContext s_smb_context;
|
||||
|
||||
AdInterface *q;
|
||||
};
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user