svn commit: samba r19706 - in branches/SAMBA_3_0_RELEASE: . source/nsswitch source/smbd

jerry at samba.org jerry at samba.org
Tue Nov 14 21:02:16 GMT 2006


Author: jerry
Date: 2006-11-14 21:02:16 +0000 (Tue, 14 Nov 2006)
New Revision: 19706

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19706

Log:
merge up to r19705 from SAMBA_3_0 (good for 3.0.23d now)
Modified:
   branches/SAMBA_3_0_RELEASE/WHATSNEW.txt
   branches/SAMBA_3_0_RELEASE/source/nsswitch/pam_winbind.c
   branches/SAMBA_3_0_RELEASE/source/smbd/service.c


Changeset:
Modified: branches/SAMBA_3_0_RELEASE/WHATSNEW.txt
===================================================================
--- branches/SAMBA_3_0_RELEASE/WHATSNEW.txt	2006-11-14 20:21:23 UTC (rev 19705)
+++ branches/SAMBA_3_0_RELEASE/WHATSNEW.txt	2006-11-14 21:02:16 UTC (rev 19706)
@@ -45,6 +45,7 @@
       with a non-default configuration file name.
     * Fix protection from invalid struct tm values.
     * BUG 4187: Possible crash in signing on/off code.
+    * BUG 4214: Fix crash bug in find_forced_group().
 
 
 o   Timur Bakeyev <timur at com.bat.ru>
@@ -132,8 +133,8 @@
 o   Simo Sorce <idra at samba.org>
     * Merge uid2sid and gid2sid async calls for SAMBA_3_0.
     * Better fqdn handling when parsing the /etc/hosts file.
+    * Fix crash bug in pam_winbind.
 
-
 o   Andrew Tridgell <tridge at samba.org>
     * Fix string alignment problem in password change code.
 

Modified: branches/SAMBA_3_0_RELEASE/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/nsswitch/pam_winbind.c	2006-11-14 20:21:23 UTC (rev 19705)
+++ branches/SAMBA_3_0_RELEASE/source/nsswitch/pam_winbind.c	2006-11-14 21:02:16 UTC (rev 19706)
@@ -861,7 +861,6 @@
 				_pam_log(LOG_INFO, "no \"=\" delimiter for \"%s\" found\n", item);
 				goto out;
 			}
-			SAFE_FREE(parm);
 			_pam_log_debug(ctrl, LOG_INFO, "PAM config: %s '%s'\n", item, p+1);
 			return p + 1;
 		}

Modified: branches/SAMBA_3_0_RELEASE/source/smbd/service.c
===================================================================
--- branches/SAMBA_3_0_RELEASE/source/smbd/service.c	2006-11-14 20:21:23 UTC (rev 19705)
+++ branches/SAMBA_3_0_RELEASE/source/smbd/service.c	2006-11-14 21:02:16 UTC (rev 19706)
@@ -422,6 +422,9 @@
 	BOOL user_must_be_member = False;
 	gid_t gid;
 
+	ZERO_STRUCTP(pgroup_sid);
+	*pgid = (gid_t)-1;
+
 	mem_ctx = talloc_new(NULL);
 	if (mem_ctx == NULL) {
 		DEBUG(0, ("talloc_new failed\n"));
@@ -477,6 +480,12 @@
 			*pgid = gid;
 			DEBUG(3,("Forced group %s for member %s\n",
 				 groupname, username));
+		} else {
+			DEBUG(0,("find_forced_group: forced user %s is not a member "
+				"of forced group %s. Disallowing access.\n",
+				username, groupname ));
+			result = NT_STATUS_MEMBER_NOT_IN_GROUP;
+			goto done;
 		}
 	} else {
 		sid_copy(pgroup_sid, &group_sid);



More information about the samba-cvs mailing list