mirror of
https://github.com/samba-team/samba.git
synced 2025-01-10 01:18:15 +03:00
s3-auth: Pass mem_ctx to make_server_info_sam().
Coverity-Id: 1168009 BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598 Signed-off-by: Andreas Schneider <asn@samba.org> Change-Id: Ie614b0654c3a7eec1ebb10dbb9763696eec795bd Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
0d9bb86293
commit
3dc7226600
@ -482,7 +482,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
|
||||
}
|
||||
|
||||
become_root();
|
||||
nt_status = make_server_info_sam(server_info, sampass);
|
||||
nt_status = make_server_info_sam(mem_ctx, sampass, server_info);
|
||||
unbecome_root();
|
||||
|
||||
TALLOC_FREE(sampass);
|
||||
|
@ -190,8 +190,9 @@ bool make_user_info_guest(const struct tsocket_address *remote_address,
|
||||
struct auth_usersupplied_info **user_info);
|
||||
|
||||
struct samu;
|
||||
NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
|
||||
struct samu *sampass);
|
||||
NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
|
||||
struct samu *sampass,
|
||||
struct auth_serversupplied_info **pserver_info);
|
||||
NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
|
||||
const struct auth_serversupplied_info *server_info,
|
||||
DATA_BLOB *session_key,
|
||||
|
@ -58,39 +58,51 @@ static bool is_our_machine_account(const char *username)
|
||||
Make (and fill) a user_info struct from a struct samu
|
||||
***************************************************************************/
|
||||
|
||||
NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
|
||||
struct samu *sampass)
|
||||
NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
|
||||
struct samu *sampass,
|
||||
struct auth_serversupplied_info **pserver_info)
|
||||
{
|
||||
struct passwd *pwd;
|
||||
struct auth_serversupplied_info *result;
|
||||
struct auth_serversupplied_info *server_info;
|
||||
const char *username = pdb_get_username(sampass);
|
||||
TALLOC_CTX *tmp_ctx;
|
||||
NTSTATUS status;
|
||||
|
||||
if ( !(result = make_server_info(NULL)) ) {
|
||||
tmp_ctx = talloc_stackframe();
|
||||
if (tmp_ctx == NULL) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
if ( !(pwd = Get_Pwnam_alloc(result, username)) ) {
|
||||
server_info = make_server_info(tmp_ctx);
|
||||
if (server_info == NULL) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
pwd = Get_Pwnam_alloc(tmp_ctx, username);
|
||||
if (pwd == NULL) {
|
||||
DEBUG(1, ("User %s in passdb, but getpwnam() fails!\n",
|
||||
pdb_get_username(sampass)));
|
||||
TALLOC_FREE(result);
|
||||
return NT_STATUS_NO_SUCH_USER;
|
||||
status = NT_STATUS_NO_SUCH_USER;
|
||||
goto out;
|
||||
}
|
||||
|
||||
status = samu_to_SamInfo3(result, sampass, lp_netbios_name(),
|
||||
&result->info3, &result->extra);
|
||||
status = samu_to_SamInfo3(server_info,
|
||||
sampass,
|
||||
lp_netbios_name(),
|
||||
&server_info->info3,
|
||||
&server_info->extra);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
TALLOC_FREE(result);
|
||||
return status;
|
||||
goto out;
|
||||
}
|
||||
|
||||
result->unix_name = pwd->pw_name;
|
||||
/* Ensure that we keep pwd->pw_name, because we will free pwd below */
|
||||
talloc_steal(result, pwd->pw_name);
|
||||
result->utok.gid = pwd->pw_gid;
|
||||
result->utok.uid = pwd->pw_uid;
|
||||
server_info->unix_name = talloc_strdup(server_info, pwd->pw_name);
|
||||
if (server_info->unix_name == NULL) {
|
||||
status = NT_STATUS_NO_MEMORY;
|
||||
goto out;
|
||||
}
|
||||
|
||||
TALLOC_FREE(pwd);
|
||||
server_info->utok.gid = pwd->pw_gid;
|
||||
server_info->utok.uid = pwd->pw_uid;
|
||||
|
||||
if (IS_DC && is_our_machine_account(username)) {
|
||||
/*
|
||||
@ -110,9 +122,13 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
|
||||
}
|
||||
|
||||
DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n",
|
||||
pdb_get_username(sampass), result->unix_name));
|
||||
pdb_get_username(sampass), server_info->unix_name));
|
||||
|
||||
*server_info = result;
|
||||
*pserver_info = talloc_steal(mem_ctx, server_info);
|
||||
|
||||
return NT_STATUS_OK;
|
||||
status = NT_STATUS_OK;
|
||||
out:
|
||||
talloc_free(tmp_ctx);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
@ -223,9 +223,6 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
|
||||
* SID consistency with ntlmssp session setup
|
||||
*/
|
||||
struct samu *sampass;
|
||||
/* The stupid make_server_info_XX functions here
|
||||
don't take a talloc context. */
|
||||
struct auth_serversupplied_info *tmp = NULL;
|
||||
|
||||
sampass = samu_new(talloc_tos());
|
||||
if (sampass == NULL) {
|
||||
@ -235,14 +232,19 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
|
||||
if (pdb_getsampwnam(sampass, username)) {
|
||||
DEBUG(10, ("found user %s in passdb, calling "
|
||||
"make_server_info_sam\n", username));
|
||||
status = make_server_info_sam(&tmp, sampass);
|
||||
status = make_server_info_sam(mem_ctx,
|
||||
sampass,
|
||||
&server_info);
|
||||
} else {
|
||||
/*
|
||||
* User not in passdb, make it up artificially
|
||||
*/
|
||||
DEBUG(10, ("didn't find user %s in passdb, calling "
|
||||
"make_server_info_pw\n", username));
|
||||
status = make_server_info_pw(mem_ctx, username, pw, &tmp);
|
||||
status = make_server_info_pw(mem_ctx,
|
||||
username,
|
||||
pw,
|
||||
&server_info);
|
||||
}
|
||||
|
||||
TALLOC_FREE(sampass);
|
||||
|
Loading…
Reference in New Issue
Block a user