svn commit: samba r19705 - in branches: SAMBA_3_0/source/smbd
SAMBA_3_0_23/source/smbd SAMBA_3_0_24/source/smbd
jra at samba.org
jra at samba.org
Tue Nov 14 20:21:24 GMT 2006
Author: jra
Date: 2006-11-14 20:21:23 +0000 (Tue, 14 Nov 2006)
New Revision: 19705
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19705
Log:
Fix blocker bug for 3.0.23d - find_forced_group could
return an uninitialized sid.
Jeremy.
Modified:
branches/SAMBA_3_0/source/smbd/service.c
branches/SAMBA_3_0_23/source/smbd/service.c
branches/SAMBA_3_0_24/source/smbd/service.c
Changeset:
Modified: branches/SAMBA_3_0/source/smbd/service.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/service.c 2006-11-14 17:09:34 UTC (rev 19704)
+++ branches/SAMBA_3_0/source/smbd/service.c 2006-11-14 20:21:23 UTC (rev 19705)
@@ -434,6 +434,9 @@
BOOL user_must_be_member = False;
gid_t gid;
+ ZERO_STRUCTP(pgroup_sid);
+ *pgid = (gid_t)-1;
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));
@@ -489,6 +492,12 @@
*pgid = gid;
DEBUG(3,("Forced group %s for member %s\n",
groupname, username));
+ } else {
+ DEBUG(0,("find_forced_group: forced user %s is not a member "
+ "of forced group %s. Disallowing access.\n",
+ username, groupname ));
+ result = NT_STATUS_MEMBER_NOT_IN_GROUP;
+ goto done;
}
} else {
sid_copy(pgroup_sid, &group_sid);
Modified: branches/SAMBA_3_0_23/source/smbd/service.c
===================================================================
--- branches/SAMBA_3_0_23/source/smbd/service.c 2006-11-14 17:09:34 UTC (rev 19704)
+++ branches/SAMBA_3_0_23/source/smbd/service.c 2006-11-14 20:21:23 UTC (rev 19705)
@@ -422,6 +422,9 @@
BOOL user_must_be_member = False;
gid_t gid;
+ ZERO_STRUCTP(pgroup_sid);
+ *pgid = (gid_t)-1;
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));
@@ -477,6 +480,12 @@
*pgid = gid;
DEBUG(3,("Forced group %s for member %s\n",
groupname, username));
+ } else {
+ DEBUG(0,("find_forced_group: forced user %s is not a member "
+ "of forced group %s. Disallowing access.\n",
+ username, groupname ));
+ result = NT_STATUS_MEMBER_NOT_IN_GROUP;
+ goto done;
}
} else {
sid_copy(pgroup_sid, &group_sid);
Modified: branches/SAMBA_3_0_24/source/smbd/service.c
===================================================================
--- branches/SAMBA_3_0_24/source/smbd/service.c 2006-11-14 17:09:34 UTC (rev 19704)
+++ branches/SAMBA_3_0_24/source/smbd/service.c 2006-11-14 20:21:23 UTC (rev 19705)
@@ -422,6 +422,9 @@
BOOL user_must_be_member = False;
gid_t gid;
+ ZERO_STRUCTP(pgroup_sid);
+ *pgid = (gid_t)-1;
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));
@@ -477,6 +480,12 @@
*pgid = gid;
DEBUG(3,("Forced group %s for member %s\n",
groupname, username));
+ } else {
+ DEBUG(0,("find_forced_group: forced user %s is not a member "
+ "of forced group %s. Disallowing access.\n",
+ username, groupname ));
+ result = NT_STATUS_MEMBER_NOT_IN_GROUP;
+ goto done;
}
} else {
sid_copy(pgroup_sid, &group_sid);
More information about the samba-cvs
mailing list