mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
auth/auth_util.c:
- Fill in the 'backup' idea of a domain, if the DC didn't supply one. This
doesn't seem to occour in reality, hence why we missed the typo.
lib/charcnv.c:
lib/smbldap.c:
libads/ldap.c:
libsmb/libsmbclient.c:
printing/nt_printing.c:
- all the callers to pull_utf8_allocate() pass a char ** as the first
parammeter, so don't make them all cast it to a void **
nsswitch/winbind_util.c:
- Allow for a more 'correct' view of when usernames should be qualified
in winbindd. If we are a PDC, or have 'winbind trusted domains only',
then for the authentication returns stip the domain portion.
- Fix valgrind warning about use of free()ed name when looking up our
local domain. lp_workgroup() is maniplated inside a procedure that
uses it's former value. Instead, use the fact that our local domain is
always the first in the list.
Andrew Bartlett
(This used to be commit 494781f628
)
This commit is contained in:
parent
bcd0e51e28
commit
5eee23cc64
@ -1078,7 +1078,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
|
||||
|
||||
if (!(nt_domain = unistr2_tdup(mem_ctx, &(info3->uni_logon_dom)))) {
|
||||
/* If the server didn't give us one, just use the one we sent them */
|
||||
domain = domain;
|
||||
nt_domain = domain;
|
||||
}
|
||||
|
||||
/* try to fill the SAM account.. If getpwnam() fails, then try the
|
||||
|
@ -1011,11 +1011,11 @@ size_t pull_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src)
|
||||
* @returns The number of bytes occupied by the string in the destination
|
||||
**/
|
||||
|
||||
size_t pull_utf8_allocate(void **dest, const char *src)
|
||||
size_t pull_utf8_allocate(char **dest, const char *src)
|
||||
{
|
||||
size_t src_len = strlen(src)+1;
|
||||
*dest = NULL;
|
||||
return convert_string_allocate(NULL, CH_UTF8, CH_UNIX, src, src_len, dest);
|
||||
return convert_string_allocate(NULL, CH_UTF8, CH_UNIX, src, src_len, (void **)dest);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1371,7 +1371,7 @@ char *smbldap_get_dn(LDAP *ld, LDAPMessage *entry)
|
||||
DEBUG (5, ("smbldap_get_dn: ldap_get_dn failed\n"));
|
||||
return NULL;
|
||||
}
|
||||
if (pull_utf8_allocate((void **) &unix_dn, utf8_dn) == (size_t)-1) {
|
||||
if (pull_utf8_allocate(&unix_dn, utf8_dn) == (size_t)-1) {
|
||||
DEBUG (0, ("smbldap_get_dn: String conversion failure utf8 [%s]\n", utf8_dn));
|
||||
return NULL;
|
||||
}
|
||||
|
@ -714,7 +714,7 @@ char *ads_get_dn(ADS_STRUCT *ads, void *msg)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (pull_utf8_allocate((void **) &unix_dn, utf8_dn) == (size_t)-1) {
|
||||
if (pull_utf8_allocate(&unix_dn, utf8_dn) == (size_t)-1) {
|
||||
DEBUG(0,("ads_get_dn: string conversion failure utf8 [%s]\n",
|
||||
utf8_dn ));
|
||||
return NULL;
|
||||
|
@ -144,7 +144,7 @@ decode_urlpart(char *segment, size_t sizeof_segment)
|
||||
free(new_usegment);
|
||||
|
||||
/* realloc it with unix charset */
|
||||
pull_utf8_allocate((void**)&new_usegment, new_segment);
|
||||
pull_utf8_allocate(&new_usegment, new_segment);
|
||||
|
||||
/* this assumes (very safely) that removing %aa sequences
|
||||
only shortens the string */
|
||||
|
@ -53,8 +53,9 @@ struct winbindd_domain *domain_list(void)
|
||||
{
|
||||
/* Initialise list */
|
||||
|
||||
if (!_domain_list)
|
||||
init_domain_list();
|
||||
if (!_domain_list)
|
||||
if (!init_domain_list())
|
||||
return NULL;
|
||||
|
||||
return _domain_list;
|
||||
}
|
||||
@ -167,9 +168,9 @@ void rescan_trusted_domains( void )
|
||||
if ( (now > last_scan) && ((now-last_scan) < WINBINDD_RESCAN_FREQ) )
|
||||
return;
|
||||
|
||||
/* get the handle for our domain */
|
||||
/* get the handle for our domain (it is always the first in the list) */
|
||||
|
||||
if ( (mydomain = find_domain_from_name(lp_workgroup())) == NULL ) {
|
||||
if ( (mydomain = domain_list()) == NULL ) {
|
||||
DEBUG(0,("rescan_trusted_domains: Can't find my own domain!\n"));
|
||||
return;
|
||||
}
|
||||
@ -267,7 +268,7 @@ BOOL init_domain_list(void)
|
||||
/* Free existing list */
|
||||
free_domain_list();
|
||||
|
||||
/* Add ourselves as the first entry */
|
||||
/* Add ourselves as the first entry. It *must* be the first entry */
|
||||
|
||||
domain = add_trusted_domain( lp_workgroup(), lp_realm(), &cache_methods, NULL);
|
||||
|
||||
@ -292,8 +293,17 @@ BOOL init_domain_list(void)
|
||||
return True;
|
||||
}
|
||||
|
||||
/* Given a domain name, return the struct winbindd domain info for it
|
||||
if it is actually working. */
|
||||
/**
|
||||
* Given a domain name, return the struct winbindd domain info for it
|
||||
*
|
||||
* @note Do *not* pass lp_workgroup() to this function. domain_list
|
||||
* may modify it's value, and free that pointer. Instead, our local
|
||||
* domain may be found by looking at the first entry in domain_list()
|
||||
* directly.
|
||||
*
|
||||
*
|
||||
* @return The domain structure for the named domain, if it is working.
|
||||
*/
|
||||
|
||||
struct winbindd_domain *find_domain_from_name(const char *domain_name)
|
||||
{
|
||||
@ -303,8 +313,9 @@ struct winbindd_domain *find_domain_from_name(const char *domain_name)
|
||||
|
||||
for (domain = domain_list(); domain != NULL; domain = domain->next) {
|
||||
if (strequal(domain_name, domain->name) ||
|
||||
(domain->alt_name[0] && strequal(domain_name, domain->alt_name)))
|
||||
(domain->alt_name[0] && strequal(domain_name, domain->alt_name))) {
|
||||
return domain;
|
||||
}
|
||||
}
|
||||
|
||||
/* Not found */
|
||||
@ -472,6 +483,20 @@ BOOL check_domain_env(char *domain_env, char *domain)
|
||||
return False;
|
||||
}
|
||||
|
||||
/* Is this a domain which we may assume no DOMAIN\ prefix? */
|
||||
|
||||
static BOOL assume_domain(const char *domain) {
|
||||
if ((lp_winbind_use_default_domain()
|
||||
|| lp_winbind_trusted_domains_only()) &&
|
||||
strequal(lp_workgroup(), domain))
|
||||
return True;
|
||||
|
||||
if (strequal(get_global_sam_name(), domain))
|
||||
return True;
|
||||
|
||||
return False;
|
||||
}
|
||||
|
||||
/* Parse a string of the form DOMAIN/user into a domain and a user */
|
||||
|
||||
BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
|
||||
@ -481,10 +506,13 @@ BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
|
||||
if ( !p ) {
|
||||
fstrcpy(user, domuser);
|
||||
|
||||
if ( lp_winbind_use_default_domain() )
|
||||
if ( assume_domain(lp_workgroup())) {
|
||||
fstrcpy(domain, lp_workgroup());
|
||||
else
|
||||
fstrcpy( domain, "" );
|
||||
} else if (assume_domain(get_global_sam_name())) {
|
||||
fstrcpy( domain, get_global_sam_name() );
|
||||
} else {
|
||||
fstrcpy( domain, "");
|
||||
}
|
||||
}
|
||||
else {
|
||||
fstrcpy(user, p+1);
|
||||
@ -502,13 +530,17 @@ BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
|
||||
'winbind separator' options.
|
||||
This means:
|
||||
- omit DOMAIN when 'winbind use default domain = true' and DOMAIN is
|
||||
lp_workgroup
|
||||
lp_workgroup()
|
||||
|
||||
If we are a PDC or BDC, and this is for our domain, do likewise.
|
||||
|
||||
Also, if omit DOMAIN if 'winbind trusted domains only = true', as the
|
||||
username is then unqualified in unix
|
||||
|
||||
*/
|
||||
void fill_domain_username(fstring name, const char *domain, const char *user)
|
||||
{
|
||||
if(lp_winbind_use_default_domain() &&
|
||||
!strcmp(lp_workgroup(), domain)) {
|
||||
if (assume_domain(domain)) {
|
||||
strlcpy(name, user, sizeof(fstring));
|
||||
} else {
|
||||
slprintf(name, sizeof(fstring) - 1, "%s%s%s",
|
||||
|
@ -2661,13 +2661,13 @@ static WERROR publish_it(NT_PRINTER_INFO_LEVEL *printer)
|
||||
return WERR_SERVER_UNAVAILABLE;
|
||||
}
|
||||
/* Now convert to CH_UNIX. */
|
||||
if (pull_utf8_allocate((void **) &srv_dn, srv_dn_utf8) == (size_t)-1) {
|
||||
if (pull_utf8_allocate(&srv_dn, srv_dn_utf8) == (size_t)-1) {
|
||||
ldap_memfree(srv_dn_utf8);
|
||||
ldap_memfree(srv_cn_utf8);
|
||||
ads_destroy(&ads);
|
||||
return WERR_SERVER_UNAVAILABLE;
|
||||
}
|
||||
if (pull_utf8_allocate((void **) &srv_cn_0, srv_cn_utf8[0]) == (size_t)-1) {
|
||||
if (pull_utf8_allocate(&srv_cn_0, srv_cn_utf8[0]) == (size_t)-1) {
|
||||
ldap_memfree(srv_dn_utf8);
|
||||
ldap_memfree(srv_cn_utf8);
|
||||
ads_destroy(&ads);
|
||||
|
Loading…
Reference in New Issue
Block a user