svn commit: samba r17466 - in branches/SAMBA_3_0_23/source/nsswitch: .

jra at samba.org jra at samba.org
Wed Aug 9 02:21:09 GMT 2006


Author: jra
Date: 2006-08-09 02:21:04 +0000 (Wed, 09 Aug 2006)
New Revision: 17466

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17466

Log:
Merge over winbindd critical fixes :

Ensure we never save a NULL SID mapping. || should be &&.
Found by Whitfield school.

Ensure we use a hash16 data type, not a string,
for storing offline hashes.

Jeremy.

Modified:
   branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c


Changeset:
Modified: branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c
===================================================================
--- branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c	2006-08-08 20:50:35 UTC (rev 17465)
+++ branches/SAMBA_3_0_23/source/nsswitch/winbindd_cache.c	2006-08-09 02:21:04 UTC (rev 17466)
@@ -269,9 +269,40 @@
 	return ret;
 }
 
-/* pull a string from a cache entry, using the supplied
+/* pull a hash16 from a cache entry, using the supplied
    talloc context 
 */
+static char *centry_hash16(struct cache_entry *centry, TALLOC_CTX *mem_ctx)
+{
+	uint32 len;
+	char *ret;
+
+	len = centry_uint8(centry);
+
+	if (len != 16) {
+		DEBUG(0,("centry corruption? hash len (%u) != 16\n", 
+			len ));
+		smb_panic("centry_hash16");
+	}
+
+	if (centry->len - centry->ofs < 16) {
+		DEBUG(0,("centry corruption? needed 16 bytes, have %d\n", 
+			 centry->len - centry->ofs));
+		smb_panic("centry_hash16");
+	}
+
+	ret = TALLOC_ARRAY(mem_ctx, char, 16);
+	if (!ret) {
+		smb_panic("centry_hash out of memory\n");
+	}
+	memcpy(ret,centry->data + centry->ofs, 16);
+	centry->ofs += 16;
+	return ret;
+}
+
+/* pull a sid from a cache entry, using the supplied
+   talloc context 
+*/
 static BOOL centry_sid(struct cache_entry *centry, TALLOC_CTX *mem_ctx, DOM_SID *sid)
 {
 	char *sid_string;
@@ -629,6 +660,17 @@
 	centry->ofs += len;
 }
 
+/* 
+   push a 16 byte hash into a centry - treat as 16 byte string.
+ */
+static void centry_put_hash16(struct cache_entry *centry, const uint8 val[16])
+{
+	centry_put_uint8(centry, 16);
+	centry_expand(centry, 16);
+	memcpy(centry->data + centry->ofs, val, 16);
+	centry->ofs += 16;
+}
+
 static void centry_put_sid(struct cache_entry *centry, const DOM_SID *sid) 
 {
 	fstring sid_string;
@@ -864,7 +906,7 @@
 	}
 
 	t = centry_time(centry);
-	*cached_nt_pass = (const uint8 *)centry_string(centry, mem_ctx);
+	*cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
 
 #if DEBUG_PASSWORD
 	dump_data(100, (const char *)cached_nt_pass, NT_HASH_LEN);
@@ -905,7 +947,7 @@
 #endif
 
 	centry_put_time(centry, time(NULL));
-	centry_put_string(centry, (const char *)nt_pass);
+	centry_put_hash16(centry, nt_pass);
 	centry_end(centry, "CRED/%s", sid_to_string(sid_string, sid));
 
 	DEBUG(10,("wcache_save_creds: %s\n", sid_string));
@@ -1240,7 +1282,7 @@
 	status = domain->backend->name_to_sid(domain, mem_ctx, domain_name, name, sid, type);
 
 	/* and save it */
-	if (domain->online || !is_null_sid(sid)) {
+	if (domain->online && !is_null_sid(sid)) {
 		wcache_save_name_to_sid(domain, status, domain_name, name, sid, *type);
 	}
 



More information about the samba-cvs mailing list