1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

auth/auth_util.c:

- Fill in the 'backup' idea of a domain, if the DC didn't supply one.  This
   doesn't seem to occour in reality, hence why we missed the typo.

lib/charcnv.c:
lib/smbldap.c:
libads/ldap.c:
libsmb/libsmbclient.c:
printing/nt_printing.c:
 - all the callers to pull_utf8_allocate() pass a char ** as the first
   parammeter, so don't make them all cast it to a void **

nsswitch/winbind_util.c:
 - Allow for a more 'correct' view of when usernames should be qualified
   in winbindd.  If we are a PDC, or have 'winbind trusted domains only',
   then for the authentication returns stip the domain portion.
 - Fix valgrind warning about use of free()ed name when looking up our
   local domain.  lp_workgroup() is maniplated inside a procedure that
   uses it's former value.  Instead, use the fact that our local domain is
   always the first in the list.

Andrew Bartlett
(This used to be commit 494781f628)
This commit is contained in:
Andrew Bartlett 2003-12-31 00:31:43 +00:00
parent bcd0e51e28
commit 5eee23cc64
7 changed files with 54 additions and 22 deletions

View File

@ -1078,7 +1078,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
if (!(nt_domain = unistr2_tdup(mem_ctx, &(info3->uni_logon_dom)))) {
/* If the server didn't give us one, just use the one we sent them */
domain = domain;
nt_domain = domain;
}
/* try to fill the SAM account.. If getpwnam() fails, then try the

View File

@ -1011,11 +1011,11 @@ size_t pull_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src)
* @returns The number of bytes occupied by the string in the destination
**/
size_t pull_utf8_allocate(void **dest, const char *src)
size_t pull_utf8_allocate(char **dest, const char *src)
{
size_t src_len = strlen(src)+1;
*dest = NULL;
return convert_string_allocate(NULL, CH_UTF8, CH_UNIX, src, src_len, dest);
return convert_string_allocate(NULL, CH_UTF8, CH_UNIX, src, src_len, (void **)dest);
}
/**

View File

@ -1371,7 +1371,7 @@ char *smbldap_get_dn(LDAP *ld, LDAPMessage *entry)
DEBUG (5, ("smbldap_get_dn: ldap_get_dn failed\n"));
return NULL;
}
if (pull_utf8_allocate((void **) &unix_dn, utf8_dn) == (size_t)-1) {
if (pull_utf8_allocate(&unix_dn, utf8_dn) == (size_t)-1) {
DEBUG (0, ("smbldap_get_dn: String conversion failure utf8 [%s]\n", utf8_dn));
return NULL;
}

View File

@ -714,7 +714,7 @@ char *ads_get_dn(ADS_STRUCT *ads, void *msg)
return NULL;
}
if (pull_utf8_allocate((void **) &unix_dn, utf8_dn) == (size_t)-1) {
if (pull_utf8_allocate(&unix_dn, utf8_dn) == (size_t)-1) {
DEBUG(0,("ads_get_dn: string conversion failure utf8 [%s]\n",
utf8_dn ));
return NULL;

View File

@ -144,7 +144,7 @@ decode_urlpart(char *segment, size_t sizeof_segment)
free(new_usegment);
/* realloc it with unix charset */
pull_utf8_allocate((void**)&new_usegment, new_segment);
pull_utf8_allocate(&new_usegment, new_segment);
/* this assumes (very safely) that removing %aa sequences
only shortens the string */

View File

@ -53,8 +53,9 @@ struct winbindd_domain *domain_list(void)
{
/* Initialise list */
if (!_domain_list)
init_domain_list();
if (!_domain_list)
if (!init_domain_list())
return NULL;
return _domain_list;
}
@ -167,9 +168,9 @@ void rescan_trusted_domains( void )
if ( (now > last_scan) && ((now-last_scan) < WINBINDD_RESCAN_FREQ) )
return;
/* get the handle for our domain */
/* get the handle for our domain (it is always the first in the list) */
if ( (mydomain = find_domain_from_name(lp_workgroup())) == NULL ) {
if ( (mydomain = domain_list()) == NULL ) {
DEBUG(0,("rescan_trusted_domains: Can't find my own domain!\n"));
return;
}
@ -267,7 +268,7 @@ BOOL init_domain_list(void)
/* Free existing list */
free_domain_list();
/* Add ourselves as the first entry */
/* Add ourselves as the first entry. It *must* be the first entry */
domain = add_trusted_domain( lp_workgroup(), lp_realm(), &cache_methods, NULL);
@ -292,8 +293,17 @@ BOOL init_domain_list(void)
return True;
}
/* Given a domain name, return the struct winbindd domain info for it
if it is actually working. */
/**
* Given a domain name, return the struct winbindd domain info for it
*
* @note Do *not* pass lp_workgroup() to this function. domain_list
* may modify it's value, and free that pointer. Instead, our local
* domain may be found by looking at the first entry in domain_list()
* directly.
*
*
* @return The domain structure for the named domain, if it is working.
*/
struct winbindd_domain *find_domain_from_name(const char *domain_name)
{
@ -303,8 +313,9 @@ struct winbindd_domain *find_domain_from_name(const char *domain_name)
for (domain = domain_list(); domain != NULL; domain = domain->next) {
if (strequal(domain_name, domain->name) ||
(domain->alt_name[0] && strequal(domain_name, domain->alt_name)))
(domain->alt_name[0] && strequal(domain_name, domain->alt_name))) {
return domain;
}
}
/* Not found */
@ -472,6 +483,20 @@ BOOL check_domain_env(char *domain_env, char *domain)
return False;
}
/* Is this a domain which we may assume no DOMAIN\ prefix? */
static BOOL assume_domain(const char *domain) {
if ((lp_winbind_use_default_domain()
|| lp_winbind_trusted_domains_only()) &&
strequal(lp_workgroup(), domain))
return True;
if (strequal(get_global_sam_name(), domain))
return True;
return False;
}
/* Parse a string of the form DOMAIN/user into a domain and a user */
BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
@ -481,10 +506,13 @@ BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
if ( !p ) {
fstrcpy(user, domuser);
if ( lp_winbind_use_default_domain() )
if ( assume_domain(lp_workgroup())) {
fstrcpy(domain, lp_workgroup());
else
fstrcpy( domain, "" );
} else if (assume_domain(get_global_sam_name())) {
fstrcpy( domain, get_global_sam_name() );
} else {
fstrcpy( domain, "");
}
}
else {
fstrcpy(user, p+1);
@ -502,13 +530,17 @@ BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
'winbind separator' options.
This means:
- omit DOMAIN when 'winbind use default domain = true' and DOMAIN is
lp_workgroup
lp_workgroup()
If we are a PDC or BDC, and this is for our domain, do likewise.
Also, if omit DOMAIN if 'winbind trusted domains only = true', as the
username is then unqualified in unix
*/
void fill_domain_username(fstring name, const char *domain, const char *user)
{
if(lp_winbind_use_default_domain() &&
!strcmp(lp_workgroup(), domain)) {
if (assume_domain(domain)) {
strlcpy(name, user, sizeof(fstring));
} else {
slprintf(name, sizeof(fstring) - 1, "%s%s%s",

View File

@ -2661,13 +2661,13 @@ static WERROR publish_it(NT_PRINTER_INFO_LEVEL *printer)
return WERR_SERVER_UNAVAILABLE;
}
/* Now convert to CH_UNIX. */
if (pull_utf8_allocate((void **) &srv_dn, srv_dn_utf8) == (size_t)-1) {
if (pull_utf8_allocate(&srv_dn, srv_dn_utf8) == (size_t)-1) {
ldap_memfree(srv_dn_utf8);
ldap_memfree(srv_cn_utf8);
ads_destroy(&ads);
return WERR_SERVER_UNAVAILABLE;
}
if (pull_utf8_allocate((void **) &srv_cn_0, srv_cn_utf8[0]) == (size_t)-1) {
if (pull_utf8_allocate(&srv_cn_0, srv_cn_utf8[0]) == (size_t)-1) {
ldap_memfree(srv_dn_utf8);
ldap_memfree(srv_cn_utf8);
ads_destroy(&ads);