1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00

r16241: Fix Klocwork #106 and others like it.

Make 2 important changes. pdb_get_methods()
returning NULL is a *fatal* error. Don't try
and cope with it just call smb_panic. This
removes a *lot* of pointless "if (!pdb)" handling
code. Secondly, ensure that if samu_init()
fails we *always* back out of a function. That
way we are never in a situation where the pdb_XXX()
functions need to start with a "if (sampass)"
test - this was just bad design, not defensive
programming.
Jeremy.
(This used to be commit a0d368197d)
This commit is contained in:
Jeremy Allison 2006-06-15 01:54:09 +00:00 committed by Gerald (Jerry) Carter
parent a1e0a0e928
commit f9147c4e40
9 changed files with 366 additions and 631 deletions

View File

@ -1085,6 +1085,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
const DOM_SID *gr_sid = NULL;
if ( !(sam_acct = samu_new( tmp_ctx )) ) {
result = NT_STATUS_NO_MEMORY;
goto done;
}
@ -1347,13 +1348,20 @@ static auth_serversupplied_info *copy_serverinfo(auth_serversupplied_info *src)
dst->uid = src->uid;
dst->gid = src->gid;
dst->n_groups = src->n_groups;
if (src->n_groups != 0)
if (src->n_groups != 0) {
dst->groups = talloc_memdup(dst, src->groups,
sizeof(gid_t)*dst->n_groups);
else
} else {
dst->groups = NULL;
}
if (src->ptok) {
dst->ptok = dup_nt_token(dst, src->ptok);
if (!dst->ptok) {
TALLOC_FREE(dst);
return NULL;
}
}
dst->user_session_key = data_blob_talloc( dst, src->user_session_key.data,
src->user_session_key.length);
@ -1361,11 +1369,23 @@ static auth_serversupplied_info *copy_serverinfo(auth_serversupplied_info *src)
dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
src->lm_session_key.length);
if ( (dst->sam_account = samu_new( NULL )) != NULL )
pdb_copy_sam_account(dst->sam_account, src->sam_account);
dst->sam_account = samu_new(NULL);
if (!dst->sam_account) {
TALLOC_FREE(dst);
return NULL;
}
if (!pdb_copy_sam_account(dst->sam_account, src->sam_account)) {
TALLOC_FREE(dst);
return NULL;
}
dst->pam_handle = NULL;
dst->unix_name = talloc_strdup(dst, src->unix_name);
if (!dst->unix_name) {
TALLOC_FREE(dst);
return NULL;
}
return dst;
}

View File

@ -81,12 +81,20 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags,
/* Get the user's record. */
if ( (sampass = samu_new( NULL )) != NULL ) {
pdb_getsampwnam(sampass, name );
if (!(sampass = samu_new( NULL ))) {
CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
/* malloc fail. */
return nt_status_to_pam(NT_STATUS_NO_MEMORY);
}
if (!pdb_getsampwnam(sampass, name )) {
_log_err( LOG_DEBUG, "acct: could not identify user" );
CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
return PAM_USER_UNKNOWN;
}
/* check for lookup failure */
if ( !sampass || !strlen(pdb_get_username(sampass)) ) {
if (!strlen(pdb_get_username(sampass)) ) {
CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
return PAM_USER_UNKNOWN;
}

View File

@ -73,7 +73,6 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
/* Points to memory managed by the PAM library. Do not free. */
char *p = NULL;
/* Samba initialization. */
load_case_tables();
setup_logging("pam_smbpass",False);
@ -109,6 +108,11 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
}
sampass = samu_new( NULL );
if (!sampass) {
_log_err( LOG_ALERT, "Cannot talloc a samu struct" );
retval = nt_status_to_pam(NT_STATUS_NO_MEMORY);
AUTH_RETURN;
}
found = pdb_getsampwnam( sampass, name );
@ -138,8 +142,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
retval = _smb_read_password(pamh, ctrl, NULL, "Password: ", NULL, _SMB_AUTHTOK, &p);
if (retval != PAM_SUCCESS ) {
_log_err(LOG_CRIT, "auth: no password provided for [%s]"
, name);
_log_err(LOG_CRIT, "auth: no password provided for [%s]", name);
TALLOC_FREE(sampass);
AUTH_RETURN;
}
@ -255,4 +258,3 @@ struct pam_module _pam_smbpass_auth_modstruct = {
NULL
};
#endif

View File

@ -1094,12 +1094,6 @@ uint32 init_buffer_from_sam_v3 (uint8 **buf, struct samu *sampass, BOOL size_onl
uint32 nt_pw_hist_len;
uint32 pwHistLen = 0;
/* do we have a valid struct samu pointer? */
if (sampass == NULL) {
DEBUG(0, ("init_buffer_from_sam: struct samu is NULL!\n"));
return -1;
}
*buf = NULL;
buflen = 0;
@ -1330,27 +1324,31 @@ uint32 init_buffer_from_sam_v3 (uint8 **buf, struct samu *sampass, BOOL size_onl
BOOL pdb_copy_sam_account(struct samu *dst, struct samu *src )
{
BOOL result;
uint8 *buf;
uint8 *buf = NULL;
int len;
if ( !dst )
return False;
len = init_buffer_from_sam_v3(&buf, src, False);
if (len == -1)
if (len == -1 || !buf) {
return False;
}
if (!init_sam_from_buffer_v3( dst, buf, len )) {
free(buf);
return False;
}
result = init_sam_from_buffer_v3( dst, buf, len );
dst->methods = src->methods;
if ( src->unix_pw )
if ( src->unix_pw ) {
dst->unix_pw = tcopy_passwd( dst, src->unix_pw );
if (!dst->unix_pw) {
free(buf);
return False;
}
}
free(buf);
return result;
return True;
}
/*********************************************************************
@ -1363,8 +1361,6 @@ BOOL pdb_update_bad_password_count(struct samu *sampass, BOOL *updated)
uint16 BadPasswordCount;
uint32 resettime;
if (!sampass) return False;
BadPasswordCount = pdb_get_bad_password_count(sampass);
if (!BadPasswordCount) {
DEBUG(9, ("No bad password attempts.\n"));
@ -1405,8 +1401,6 @@ BOOL pdb_update_autolock_flag(struct samu *sampass, BOOL *updated)
uint32 duration;
time_t LastBadPassword;
if (!sampass) return False;
if (!(pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK)) {
DEBUG(9, ("pdb_update_autolock_flag: Account %s not autolocked, no check needed\n",
pdb_get_username(sampass)));
@ -1459,9 +1453,6 @@ BOOL pdb_increment_bad_password_count(struct samu *sampass)
BOOL autolock_updated = False, badpw_updated = False;
BOOL ret;
if (!sampass)
return False;
/* Retrieve the account lockout policy */
become_root();
ret = pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &account_policy_lockout);

View File

@ -42,125 +42,79 @@
uint32 pdb_get_acct_ctrl(const struct samu *sampass)
{
if (sampass)
return (sampass->acct_ctrl);
else
return (ACB_DISABLED);
return sampass->acct_ctrl;
}
time_t pdb_get_logon_time(const struct samu *sampass)
{
if (sampass)
return (sampass->logon_time);
else
return (0);
return sampass->logon_time;
}
time_t pdb_get_logoff_time(const struct samu *sampass)
{
if (sampass)
return (sampass->logoff_time);
else
return (-1);
return sampass->logoff_time;
}
time_t pdb_get_kickoff_time(const struct samu *sampass)
{
if (sampass)
return (sampass->kickoff_time);
else
return (-1);
return sampass->kickoff_time;
}
time_t pdb_get_bad_password_time(const struct samu *sampass)
{
if (sampass)
return (sampass->bad_password_time);
else
return (-1);
return sampass->bad_password_time;
}
time_t pdb_get_pass_last_set_time(const struct samu *sampass)
{
if (sampass)
return (sampass->pass_last_set_time);
else
return (-1);
return sampass->pass_last_set_time;
}
time_t pdb_get_pass_can_change_time(const struct samu *sampass)
{
if (sampass)
return (sampass->pass_can_change_time);
else
return (-1);
return sampass->pass_can_change_time;
}
time_t pdb_get_pass_must_change_time(const struct samu *sampass)
{
if (sampass)
return (sampass->pass_must_change_time);
else
return (-1);
return sampass->pass_must_change_time;
}
uint16 pdb_get_logon_divs(const struct samu *sampass)
{
if (sampass)
return (sampass->logon_divs);
else
return (-1);
return sampass->logon_divs;
}
uint32 pdb_get_hours_len(const struct samu *sampass)
{
if (sampass)
return (sampass->hours_len);
else
return (-1);
return sampass->hours_len;
}
const uint8 *pdb_get_hours(const struct samu *sampass)
{
if (sampass)
return (sampass->hours);
else
return (NULL);
}
const uint8 *pdb_get_nt_passwd(const struct samu *sampass)
{
if (sampass) {
SMB_ASSERT((!sampass->nt_pw.data)
|| sampass->nt_pw.length == NT_HASH_LEN);
return ((uint8*)sampass->nt_pw.data);
}
else
return (NULL);
return (uint8 *)sampass->nt_pw.data;
}
const uint8 *pdb_get_lanman_passwd(const struct samu *sampass)
{
if (sampass) {
SMB_ASSERT((!sampass->lm_pw.data)
|| sampass->lm_pw.length == LM_HASH_LEN);
return ((uint8*)sampass->lm_pw.data);
}
else
return (NULL);
return (uint8 *)sampass->lm_pw.data;
}
const uint8 *pdb_get_pw_history(const struct samu *sampass, uint32 *current_hist_len)
{
if (sampass) {
SMB_ASSERT((!sampass->nt_pw_his.data)
|| ((sampass->nt_pw_his.length % PW_HISTORY_ENTRY_LEN) == 0));
*current_hist_len = sampass->nt_pw_his.length / PW_HISTORY_ENTRY_LEN;
return ((uint8*)sampass->nt_pw_his.data);
} else {
*current_hist_len = 0;
return (NULL);
}
return (uint8 *)sampass->nt_pw_his.data;
}
/* Return the plaintext password if known. Most of the time
@ -171,18 +125,12 @@ const uint8* pdb_get_pw_history (const struct samu *sampass, uint32 *current_his
*/
const char *pdb_get_plaintext_passwd(const struct samu *sampass)
{
if (sampass) {
return (sampass->plaintext_pw);
}
else
return (NULL);
return sampass->plaintext_pw;
}
const DOM_SID *pdb_get_user_sid(const struct samu *sampass)
{
if (sampass)
return &sampass->user_sid;
return NULL;
}
const DOM_SID *pdb_get_group_sid(struct samu *sampass)
@ -190,14 +138,7 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass)
DOM_SID *gsid;
struct passwd *pwd;
/* sanity check */
if ( !sampass ) {
return NULL;
}
/* Return the cached group SID if we have that */
if ( sampass->group_sid ) {
return sampass->group_sid;
}
@ -213,10 +154,11 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass)
be a newly allocated one. We rely on the user's Unix primary gid.
We have no choice but to fail if we can't find it. */
if ( sampass->unix_pw )
if ( sampass->unix_pw ) {
pwd = sampass->unix_pw;
else
} else {
pwd = getpwnam_alloc( sampass, pdb_get_username(sampass) );
}
if ( !pwd ) {
DEBUG(0,("pdb_get_group_sid: Failed to find Unix account for %s\n", pdb_get_username(sampass) ));
@ -268,7 +210,7 @@ enum pdb_value_state pdb_get_init_flags (const struct samu *sampass, enum pdb_el
{
enum pdb_value_state ret = PDB_DEFAULT;
if (!sampass || !sampass->change_flags || !sampass->set_flags)
if (!sampass->change_flags || !sampass->set_flags)
return ret;
if (bitmap_query(sampass->set_flags, element)) {
@ -290,139 +232,95 @@ enum pdb_value_state pdb_get_init_flags (const struct samu *sampass, enum pdb_el
const char *pdb_get_username(const struct samu *sampass)
{
if (sampass)
return (sampass->username);
else
return (NULL);
return sampass->username;
}
const char *pdb_get_domain(const struct samu *sampass)
{
if (sampass)
return (sampass->domain);
else
return (NULL);
return sampass->domain;
}
const char *pdb_get_nt_username(const struct samu *sampass)
{
if (sampass)
return (sampass->nt_username);
else
return (NULL);
return sampass->nt_username;
}
const char *pdb_get_fullname(const struct samu *sampass)
{
if (sampass)
return (sampass->full_name);
else
return (NULL);
return sampass->full_name;
}
const char *pdb_get_homedir(const struct samu *sampass)
{
if (sampass)
return (sampass->home_dir);
else
return (NULL);
return sampass->home_dir;
}
const char *pdb_get_unix_homedir(const struct samu *sampass)
{
if ( sampass && sampass->unix_pw )
return ( sampass->unix_pw->pw_dir );
return (NULL);
if (sampass->unix_pw ) {
return sampass->unix_pw->pw_dir;
}
return NULL;
}
const char *pdb_get_dir_drive(const struct samu *sampass)
{
if (sampass)
return (sampass->dir_drive);
else
return (NULL);
return sampass->dir_drive;
}
const char *pdb_get_logon_script(const struct samu *sampass)
{
if (sampass)
return (sampass->logon_script);
else
return (NULL);
return sampass->logon_script;
}
const char *pdb_get_profile_path(const struct samu *sampass)
{
if (sampass)
return (sampass->profile_path);
else
return (NULL);
return sampass->profile_path;
}
const char *pdb_get_acct_desc(const struct samu *sampass)
{
if (sampass)
return (sampass->acct_desc);
else
return (NULL);
return sampass->acct_desc;
}
const char *pdb_get_workstations(const struct samu *sampass)
{
if (sampass)
return (sampass->workstations);
else
return (NULL);
return sampass->workstations;
}
const char *pdb_get_unknown_str(const struct samu *sampass)
{
if (sampass)
return (sampass->unknown_str);
else
return (NULL);
return sampass->unknown_str;
}
const char *pdb_get_munged_dial(const struct samu *sampass)
{
if (sampass)
return (sampass->munged_dial);
else
return (NULL);
return sampass->munged_dial;
}
uint16 pdb_get_bad_password_count(const struct samu *sampass)
{
if (sampass)
return (sampass->bad_password_count);
else
return 0;
return sampass->bad_password_count;
}
uint16 pdb_get_logon_count(const struct samu *sampass)
{
if (sampass)
return (sampass->logon_count);
else
return 0;
return sampass->logon_count;
}
uint32 pdb_get_unknown_6(const struct samu *sampass)
{
if (sampass)
return (sampass->unknown_6);
else
return (-1);
return sampass->unknown_6;
}
void *pdb_get_backend_private_data(const struct samu *sampass, const struct pdb_methods *my_methods)
{
if (sampass && my_methods == sampass->backend_private_methods)
if (my_methods == sampass->backend_private_methods) {
return sampass->backend_private_data;
else
} else {
return NULL;
}
}
/*********************************************************************
Collection of set...() functions for struct samu.
@ -468,8 +366,7 @@ BOOL pdb_set_kickoff_time (struct samu *sampass, time_t mytime, enum pdb_value_s
return pdb_set_init_flags(sampass, PDB_KICKOFFTIME, flag);
}
BOOL pdb_set_bad_password_time (struct samu *sampass, time_t mytime,
enum pdb_value_state flag)
BOOL pdb_set_bad_password_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;

View File

@ -37,7 +37,9 @@ static struct pdb_init_function_entry *backends = NULL;
static void lazy_initialize_passdb(void)
{
static BOOL initialized = False;
if(initialized)return;
if(initialized) {
return;
}
static_init_pdb;
initialized = True;
}
@ -201,13 +203,19 @@ static struct pdb_methods *pdb_get_methods_reload( BOOL reload )
if ( pdb && reload ) {
pdb->free_private_data( &(pdb->private_data) );
if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) {
return NULL;
pstring msg;
slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n",
lp_passdb_backend() );
smb_panic(msg);
}
}
if ( !pdb ) {
if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) {
return NULL;
pstring msg;
slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n",
lp_passdb_backend() );
smb_panic(msg);
}
}
@ -226,22 +234,12 @@ static struct pdb_methods *pdb_get_methods(void)
BOOL pdb_setsampwent(BOOL update, uint16 acb_mask)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->setsampwent(pdb, update, acb_mask));
}
void pdb_endsampwent(void)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return;
}
pdb->endsampwent(pdb);
}
@ -249,16 +247,10 @@ BOOL pdb_getsampwent(struct samu *user)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
if ( !NT_STATUS_IS_OK(pdb->getsampwent(pdb, user) ) ) {
return False;
}
pdb_force_pw_initialization( user );
return True;
}
@ -266,10 +258,6 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
if (!NT_STATUS_IS_OK(pdb->getsampwnam(pdb, sam_acct, username))) {
return False;
}
@ -280,8 +268,14 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username)
pdb_force_pw_initialization( sam_acct );
if ( (csamuser = samu_new( NULL )) != NULL ) {
pdb_copy_sam_account(csamuser, sam_acct);
csamuser = samu_new( NULL );
if (!csamuser) {
return False;
}
if (!pdb_copy_sam_account(csamuser, sam_acct)) {
TALLOC_FREE(csamuser);
return False;
}
return True;
@ -314,13 +308,9 @@ BOOL guest_user_info( struct samu *user )
BOOL pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid)
{
struct pdb_methods *pdb;
struct pdb_methods *pdb = pdb_get_methods();
uint32 rid;
if ( !(pdb = pdb_get_methods()) ) {
return False;
}
/* hard code the Guest RID of 501 */
if ( !sid_peek_check_rid( get_global_sam_sid(), sid, &rid ) )
@ -410,11 +400,6 @@ NTSTATUS pdb_create_user(TALLOC_CTX *mem_ctx, const char *name, uint32 flags,
uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->create_user(pdb, mem_ctx, name, flags, rid);
}
@ -472,10 +457,6 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct)
struct pdb_methods *pdb = pdb_get_methods();
uid_t uid = -1;
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
/* sanity check to make sure we don't delete root */
if ( !sid_to_uid( pdb_get_user_sid(sam_acct), &uid ) ) {
@ -492,11 +473,6 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct)
NTSTATUS pdb_add_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->add_sam_account(pdb, sam_acct);
}
@ -504,10 +480,6 @@ NTSTATUS pdb_update_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
if (csamuser != NULL) {
TALLOC_FREE(csamuser);
csamuser = NULL;
@ -520,10 +492,6 @@ NTSTATUS pdb_delete_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
if (csamuser != NULL) {
TALLOC_FREE(csamuser);
csamuser = NULL;
@ -537,10 +505,6 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname)
struct pdb_methods *pdb = pdb_get_methods();
uid_t uid;
if ( !pdb ) {
return NT_STATUS_NOT_IMPLEMENTED;
}
if (csamuser != NULL) {
TALLOC_FREE(csamuser);
csamuser = NULL;
@ -562,44 +526,24 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname)
NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_NOT_IMPLEMENTED;
}
return pdb->update_login_attempts(pdb, sam_acct, success);
}
BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid));
}
BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid));
}
BOOL pdb_getgrnam(GROUP_MAP *map, const char *name)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name));
}
@ -645,11 +589,6 @@ NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name,
uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->create_dom_group(pdb, mem_ctx, name, rid);
}
@ -704,44 +643,24 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods,
NTSTATUS pdb_delete_dom_group(TALLOC_CTX *mem_ctx, uint32 rid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->delete_dom_group(pdb, mem_ctx, rid);
}
NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->add_group_mapping_entry(pdb, map);
}
NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->update_group_mapping_entry(pdb, map);
}
NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->delete_group_mapping_entry(pdb, sid);
}
@ -749,11 +668,6 @@ BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use,
size_t *p_num_entries, BOOL unix_only)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use,
pp_rmap, p_num_entries, unix_only));
}
@ -766,10 +680,6 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx,
struct pdb_methods *pdb = pdb_get_methods();
NTSTATUS result;
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
result = pdb->enum_group_members(pdb, mem_ctx,
sid, pp_member_rids, p_num_members);
@ -796,11 +706,6 @@ NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user,
size_t *p_num_groups)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->enum_group_memberships(
pdb, mem_ctx, user,
pp_sids, pp_gids, p_num_groups);
@ -829,11 +734,6 @@ static NTSTATUS pdb_default_set_unix_primary_group(struct pdb_methods *methods,
NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, struct samu *user)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->set_unix_primary_group(pdb, mem_ctx, user);
}
@ -923,11 +823,6 @@ NTSTATUS pdb_add_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid,
uint32 member_rid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->add_groupmem(pdb, mem_ctx, group_rid, member_rid);
}
@ -990,44 +885,24 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid,
uint32 member_rid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid);
}
BOOL pdb_find_alias(const char *name, DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid));
}
NTSTATUS pdb_create_alias(const char *name, uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_NOT_IMPLEMENTED;
}
return pdb->create_alias(pdb, name, rid);
}
BOOL pdb_delete_alias(const DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid));
}
@ -1035,44 +910,24 @@ BOOL pdb_delete_alias(const DOM_SID *sid)
BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info));
}
BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info));
}
NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->add_aliasmem(pdb, alias, member);
}
NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->del_aliasmem(pdb, alias, member);
}
@ -1080,13 +935,7 @@ NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias,
DOM_SID **pp_members, size_t *p_num_members)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
return pdb->enum_aliasmem(pdb, alias,
pp_members, p_num_members);
return pdb->enum_aliasmem(pdb, alias, pp_members, p_num_members);
}
NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx,
@ -1096,11 +945,6 @@ NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx,
size_t *p_num_alias_rids)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_NOT_IMPLEMENTED;
}
return pdb->enum_alias_memberships(pdb, mem_ctx,
domain_sid,
members, num_members,
@ -1115,11 +959,6 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid,
uint32 *attrs)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_NOT_IMPLEMENTED;
}
return pdb->lookup_rids(pdb, domain_sid,
num_rids, rids, names, attrs);
}
@ -1131,11 +970,6 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid,
uint32 *attrs)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return NT_STATUS_NOT_IMPLEMENTED;
}
return pdb->lookup_names(pdb, domain_sid,
num_names, names, rids, attrs);
}
@ -1143,55 +977,30 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid,
BOOL pdb_get_account_policy(int policy_index, uint32 *value)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->get_account_policy(pdb, policy_index, value));
}
BOOL pdb_set_account_policy(int policy_index, uint32 value)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->set_account_policy(pdb, policy_index, value));
}
BOOL pdb_get_seq_num(time_t *seq_num)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return NT_STATUS_IS_OK(pdb->get_seq_num(pdb, seq_num));
}
BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return pdb->uid_to_rid(pdb, uid, rid);
}
BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return pdb->gid_to_sid(pdb, gid, sid);
}
@ -1199,22 +1008,12 @@ BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id,
enum SID_NAME_USE *type)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return pdb->sid_to_id(pdb, sid, id, type);
}
BOOL pdb_rid_algorithm(void)
{
struct pdb_methods *pdb = pdb_get_methods();
if ( !pdb ) {
return False;
}
return pdb->rid_algorithm(pdb);
}
@ -1234,10 +1033,6 @@ BOOL pdb_new_rid(uint32 *rid)
int i;
TALLOC_CTX *ctx;
if ( !pdb ) {
return False;
}
if (pdb_rid_algorithm()) {
DEBUG(0, ("Trying to allocate a RID when algorithmic RIDs "
"are active\n"));
@ -2079,10 +1874,10 @@ struct pdb_search *pdb_search_users(uint32 acct_flags)
struct pdb_methods *pdb = pdb_get_methods();
struct pdb_search *result;
if (pdb == NULL) return NULL;
result = pdb_search_init(PDB_USER_SEARCH);
if (result == NULL) return NULL;
if (result == NULL) {
return NULL;
}
if (!pdb->search_users(pdb, result, acct_flags)) {
talloc_destroy(result->mem_ctx);
@ -2096,10 +1891,10 @@ struct pdb_search *pdb_search_groups(void)
struct pdb_methods *pdb = pdb_get_methods();
struct pdb_search *result;
if (pdb == NULL) return NULL;
result = pdb_search_init(PDB_GROUP_SEARCH);
if (result == NULL) return NULL;
if (result == NULL) {
return NULL;
}
if (!pdb->search_groups(pdb, result)) {
talloc_destroy(result->mem_ctx);

View File

@ -238,7 +238,7 @@ static NTSTATUS get_md4pw(char *md4pw, char *mach_acct, uint16 sec_chan_type)
ret = pdb_getsampwnam(sampass, mach_acct);
unbecome_root();
if (ret == False) {
if (!ret) {
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
TALLOC_FREE(sampass);
return NT_STATUS_ACCESS_DENIED;
@ -562,26 +562,30 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
}
/* We must store the creds state after an update. */
sampass = samu_new( NULL );
if (!sampass) {
return NT_STATUS_NO_MEMORY;
}
become_root();
secrets_store_schannel_session_info(p->pipe_state_mem_ctx,
remote_machine,
p->dc);
if ( (sampass = samu_new( NULL )) != NULL ) {
ret = pdb_getsampwnam(sampass, p->dc->mach_acct);
}
unbecome_root();
if ( !sampass )
return NT_STATUS_NO_MEMORY;
if (!ret) {
TALLOC_FREE(sampass);
return NT_STATUS_ACCESS_DENIED;
}
/* Ensure the account exists and is a machine account. */
acct_ctrl = pdb_get_acct_ctrl(sampass);
if (!(ret
&& (acct_ctrl & ACB_WSTRUST ||
if (!(acct_ctrl & ACB_WSTRUST ||
acct_ctrl & ACB_SVRTRUST ||
acct_ctrl & ACB_DOMTRUST))) {
acct_ctrl & ACB_DOMTRUST)) {
TALLOC_FREE(sampass);
return NT_STATUS_NO_SUCH_USER;
}

View File

@ -2010,6 +2010,12 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
return False;
}
if ( !(sampw = samu_new(mem_ctx)) ) {
DEBUG(0, ("samu_new() failed!\n"));
TALLOC_FREE(mem_ctx);
return False;
}
/* Lookup the user information; This should only be one of
our accounts (not remote domains) */
@ -2027,11 +2033,6 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
goto done;
}
if ( !(sampw = samu_new(mem_ctx)) ) {
DEBUG(0, ("samu_new() failed!\n"));
goto done;
}
if ( !pdb_getsampwsid(sampw, &user_sid) ) {
DEBUG(10, ("pdb_getsampwsid(%s) failed for user %s\n",
sid_string_static(&user_sid), UserName));

View File

@ -403,12 +403,19 @@ static int process_root(int local_flags)
if(local_flags & LOCAL_ENABLE_USER) {
struct samu *sampass = NULL;
BOOL ret;
sampass = samu_new( NULL );
ret = pdb_getsampwnam(sampass, user_name);
if((ret) &&
(pdb_get_nt_passwd(sampass) == NULL)) {
if (!sampass) {
fprintf(stderr, "talloc fail for struct samu.\n");
exit(1);
}
if (!pdb_getsampwnam(sampass, user_name)) {
fprintf(stderr, "Failed to find user %s in passdb backend.\n",
user_name );
exit(1);
}
if(pdb_get_nt_passwd(sampass) == NULL) {
local_flags |= LOCAL_SET_PASSWORD;
}
TALLOC_FREE(sampass);
@ -437,16 +444,26 @@ static int process_root(int local_flags)
printf("Password changed for user %s on %s.\n", user_name, remote_machine );
} else if(!(local_flags & (LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|LOCAL_DELETE_USER|LOCAL_SET_NO_PASSWORD|LOCAL_SET_PASSWORD))) {
struct samu *sampass = NULL;
BOOL ret;
sampass = samu_new( NULL );
ret = pdb_getsampwnam(sampass, user_name);
if (!samu_new) {
fprintf(stderr, "talloc fail for struct samu.\n");
exit(1);
}
if (!pdb_getsampwnam(sampass, user_name)) {
fprintf(stderr, "Failed to find user %s in passdb backend.\n",
user_name );
exit(1);
}
printf("Password changed for user %s.", user_name );
if( (ret != False) && (pdb_get_acct_ctrl(sampass)&ACB_DISABLED) )
if(pdb_get_acct_ctrl(sampass)&ACB_DISABLED) {
printf(" User has disabled flag set.");
if((ret != False) && (pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) )
}
if(pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) {
printf(" User has no password flag set.");
}
printf("\n");
TALLOC_FREE(sampass);
}