svn commit: samba r17466 - in
branches/SAMBA_3_0_23/source/nsswitch: .
jra at samba.org
jra at samba.org
Wed Aug 9 02:21:09 GMT 2006
Author: jra
Date: 2006-08-09 02:21:04 +0000 (Wed, 09 Aug 2006)
New Revision: 17466
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17466
Log:
Merge over winbindd critical fixes :
Ensure we never save a NULL SID mapping. || should be &&.
Found by Whitfield school.
Ensure we use a hash16 data type, not a string,
for storing offline hashes.
Jeremy.
Modified:
branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c
Changeset:
Modified: branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c
===================================================================
--- branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c 2006-08-08 20:50:35 UTC (rev 17465)
+++ branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c 2006-08-09 02:21:04 UTC (rev 17466)
@@ -269,9 +269,40 @@
return ret;
}
-/* pull a string from a cache entry, using the supplied
+/* pull a hash16 from a cache entry, using the supplied
talloc context
*/
+static char *centry_hash16(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
+{
+ uint32 len;
+ char *ret;
+
+ len = centry_uint8(centry);
+
+ if (len != 16) {
+ DEBUG(0,("centry corruption? hash len (%u) != 16\n",
+ len ));
+ smb_panic("centry_hash16");
+ }
+
+ if (centry->len - centry->ofs < 16) {
+ DEBUG(0,("centry corruption? needed 16 bytes, have %d\n",
+ centry->len - centry->ofs));
+ smb_panic("centry_hash16");
+ }
+
+ ret = TALLOC_ARRAY(mem_ctx, char, 16);
+ if (!ret) {
+ smb_panic("centry_hash out of memory\n");
+ }
+ memcpy(ret,centry->data + centry->ofs, 16);
+ centry->ofs += 16;
+ return ret;
+}
+
+/* pull a sid from a cache entry, using the supplied
+ talloc context
+*/
static BOOL centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx, DOM_SID *sid)
{
char *sid_string;
@@ -629,6 +660,17 @@
centry->ofs += len;
}
+/*
+ push a 16 byte hash into a centry - treat as 16 byte string.
+ */
+static void centry_put_hash16(struct cache_entry *centry, const uint8 val[16])
+{
+ centry_put_uint8(centry, 16);
+ centry_expand(centry, 16);
+ memcpy(centry->data + centry->ofs, val, 16);
+ centry->ofs += 16;
+}
+
static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid)
{
fstring sid_string;
@@ -864,7 +906,7 @@
}
t = centry_time(centry);
- *cached_nt_pass = (const uint8 *)centry_string(centry, mem_ctx);
+ *cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
#if DEBUG_PASSWORD
dump_data(100, (const char *)cached_nt_pass, NT_HASH_LEN);
@@ -905,7 +947,7 @@
#endif
centry_put_time(centry, time(NULL));
- centry_put_string(centry, (const char *)nt_pass);
+ centry_put_hash16(centry, nt_pass);
centry_end(centry, "CRED/%s", sid_to_string(sid_string, sid));
DEBUG(10,("wcache_save_creds: %s\n", sid_string));
@@ -1240,7 +1282,7 @@
status = domain->backend->name_to_sid(domain, mem_ctx, domain_name, name, sid, type);
/* and save it */
- if (domain->online || !is_null_sid(sid)) {
+ if (domain->online && !is_null_sid(sid)) {
wcache_save_name_to_sid(domain, status, domain_name, name, sid, *type);
}
More information about the samba-cvs
mailing list