[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-452-g0411635
Jeremy Allison
jra at samba.org
Tue Dec 4 02:55:52 GMT 2007
The branch, v3-2-test has been updated
via 041163551194102ca67fef52c57d87020a1d09bc (commit)
from 9ccac8abb0420393569dbca73e7daf2742aa1099 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 041163551194102ca67fef52c57d87020a1d09bc
Author: Jeremy Allison <jra at samba.org>
Date: Mon Dec 3 18:48:41 2007 -0800
Getting to the home stretch for elimination of pstrings...
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source/utils/ntlm_auth.c | 92 +++++++++++++++++++++++++++------------------
source/utils/pdbedit.c | 26 ++++++------
source/utils/profiles.c | 63 +++++++++++++++++++------------
source/utils/smbcacls.c | 60 ++++++++++++++++-------------
source/utils/smbcquotas.c | 92 +++++++++++++++++++++++++++++---------------
source/utils/smbfilter.c | 10 ++--
source/utils/smbpasswd.c | 7 +--
source/utils/smbtree.c | 25 ++++++++----
source/utils/testparm.c | 22 ++++++-----
9 files changed, 238 insertions(+), 159 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/utils/ntlm_auth.c b/source/utils/ntlm_auth.c
index 18db15d..9312503 100644
--- a/source/utils/ntlm_auth.c
+++ b/source/utils/ntlm_auth.c
@@ -252,7 +252,7 @@ static bool get_require_membership_sid(void) {
}
/* Authenticate a user with a plaintext password */
-static bool check_plaintext_auth(const char *user, const char *pass,
+static bool check_plaintext_auth(const char *user, const char *pass,
bool stdout_diagnostics)
{
struct winbindd_request request;
@@ -270,49 +270,52 @@ static bool check_plaintext_auth(const char *user, const char *pass,
fstrcpy(request.data.auth.user, user);
fstrcpy(request.data.auth.pass, pass);
- if (require_membership_of_sid)
- pstrcpy(request.data.auth.require_membership_of_sid, require_membership_of_sid);
+ if (require_membership_of_sid) {
+ strlcpy(request.data.auth.require_membership_of_sid,
+ require_membership_of_sid,
+ sizeof(request.data.auth.require_membership_of_sid));
+ }
result = winbindd_request_response(WINBINDD_PAM_AUTH, &request, &response);
/* Display response */
-
+
if (stdout_diagnostics) {
if ((result != NSS_STATUS_SUCCESS) && (response.data.auth.nt_status == 0)) {
d_printf("Reading winbind reply failed! (0x01)\n");
}
-
- d_printf("%s: %s (0x%x)\n",
- response.data.auth.nt_status_string,
- response.data.auth.error_string,
+
+ d_printf("%s: %s (0x%x)\n",
+ response.data.auth.nt_status_string,
+ response.data.auth.error_string,
response.data.auth.nt_status);
} else {
if ((result != NSS_STATUS_SUCCESS) && (response.data.auth.nt_status == 0)) {
DEBUG(1, ("Reading winbind reply failed! (0x01)\n"));
}
-
- DEBUG(3, ("%s: %s (0x%x)\n",
- response.data.auth.nt_status_string,
+
+ DEBUG(3, ("%s: %s (0x%x)\n",
+ response.data.auth.nt_status_string,
response.data.auth.error_string,
- response.data.auth.nt_status));
+ response.data.auth.nt_status));
}
-
+
return (result == NSS_STATUS_SUCCESS);
}
/* authenticate a user with an encrypted username/password */
-NTSTATUS contact_winbind_auth_crap(const char *username,
- const char *domain,
+NTSTATUS contact_winbind_auth_crap(const char *username,
+ const char *domain,
const char *workstation,
- const DATA_BLOB *challenge,
- const DATA_BLOB *lm_response,
- const DATA_BLOB *nt_response,
- uint32 flags,
- uint8 lm_key[8],
- uint8 user_session_key[16],
- char **error_string,
- char **unix_name)
+ const DATA_BLOB *challenge,
+ const DATA_BLOB *lm_response,
+ const DATA_BLOB *nt_response,
+ uint32 flags,
+ uint8 lm_key[8],
+ uint8 user_session_key[16],
+ char **error_string,
+ char **unix_name)
{
NTSTATUS nt_status;
NSS_STATUS result;
@@ -994,16 +997,22 @@ static void offer_gss_spnego_mechs(void) {
SPNEGO_DATA spnego;
ssize_t len;
char *reply_base64;
-
- pstring principal;
- pstring myname_lower;
+ TALLOC_CTX *ctx = talloc_tos();
+ char *principal;
+ char *myname_lower;
ZERO_STRUCT(spnego);
- pstrcpy(myname_lower, global_myname());
+ myname_lower = talloc_strdup(ctx, global_myname());
+ if (!myname_lower) {
+ return;
+ }
strlower_m(myname_lower);
- pstr_sprintf(principal, "%s$@%s", myname_lower, lp_realm());
+ principal = talloc_asprintf(ctx, "%s$@%s", myname_lower, lp_realm());
+ if (!principal) {
+ return;
+ }
/* Server negTokenInit (mech offerings) */
spnego.type = SPNEGO_NEG_TOKEN_INIT;
@@ -1047,13 +1056,14 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
DATA_BLOB token;
NTSTATUS status;
ssize_t len;
+ TALLOC_CTX *ctx = talloc_tos();
char *user = NULL;
char *domain = NULL;
const char *reply_code;
char *reply_base64;
- pstring reply_argument;
+ char *reply_argument = NULL;
if (strlen(buf) < 2) {
DEBUG(1, ("SPENGO query [%s] invalid", buf));
@@ -1065,7 +1075,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
if (ntlmssp_state)
ntlmssp_end(&ntlmssp_state);
} else if (strncmp(buf, "KK", 2) == 0) {
-
+ ;
} else {
DEBUG(1, ("SPENGO query [%s] invalid", buf));
x_fprintf(x_stdout, "BH\n");
@@ -1235,16 +1245,22 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
if (NT_STATUS_IS_OK(status)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED;
reply_code = "AF";
- pstr_sprintf(reply_argument, "%s\\%s", domain, user);
+ reply_argument = talloc_asprintf(ctx, "%s\\%s", domain, user);
} else if (NT_STATUS_EQUAL(status,
NT_STATUS_MORE_PROCESSING_REQUIRED)) {
response.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE;
reply_code = "TT";
- pstr_sprintf(reply_argument, "*");
+ reply_argument = talloc_strdup(ctx, "*");
} else {
response.negTokenTarg.negResult = SPNEGO_REJECT;
reply_code = "NA";
- pstrcpy(reply_argument, nt_errstr(status));
+ reply_argument = talloc_strdup(ctx, nt_errstr(status));
+ }
+
+ if (!reply_argument) {
+ DEBUG(1, ("Could not write SPNEGO data blob\n"));
+ x_fprintf(x_stdout, "BH\n");
+ return;
}
SAFE_FREE(user);
@@ -1401,7 +1417,7 @@ static bool manage_client_krb5_init(SPNEGO_DATA spnego)
SPNEGO_DATA reply;
char *reply_base64;
int retval;
-
+
const char *my_mechs[] = {OID_KERBEROS5_OLD, NULL};
ssize_t len;
@@ -1426,8 +1442,7 @@ static bool manage_client_krb5_init(SPNEGO_DATA spnego)
retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5, 0, NULL, NULL);
if (retval) {
-
- pstring user;
+ char *user = NULL;
/* Let's try to first get the TGT, for that we need a
password. */
@@ -1438,7 +1453,10 @@ static bool manage_client_krb5_init(SPNEGO_DATA spnego)
return True;
}
- pstr_sprintf(user, "%s@%s", opt_username, opt_domain);
+ user = talloc_asprintf(talloc_tos(), "%s@%s", opt_username, opt_domain);
+ if (!user) {
+ return false;
+ }
if ((retval = kerberos_kinit_password(user, opt_password, 0, NULL))) {
DEBUG(10, ("Requesting TGT failed: %s\n", error_message(retval)));
diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c
index 7af4170..c72d989 100644
--- a/source/utils/pdbedit.c
+++ b/source/utils/pdbedit.c
@@ -221,11 +221,11 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst
/* TODO: chaeck if entry is a user or a workstation */
if (!sam_pwent) return -1;
-
+
if (verbosity) {
- pstring temp;
+ char temp[44];
const uint8 *hours;
-
+
printf ("Unix username: %s\n", pdb_get_username(sam_pwent));
printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent));
printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN));
@@ -242,34 +242,34 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst
printf ("Account desc: %s\n", pdb_get_acct_desc(sam_pwent));
printf ("Workstations: %s\n", pdb_get_workstations(sam_pwent));
printf ("Munged dial: %s\n", pdb_get_munged_dial(sam_pwent));
-
+
tmp = pdb_get_logon_time(sam_pwent);
printf ("Logon time: %s\n", tmp ? http_timestring(tmp) : "0");
-
+
tmp = pdb_get_logoff_time(sam_pwent);
printf ("Logoff time: %s\n", tmp ? http_timestring(tmp) : "0");
-
+
tmp = pdb_get_kickoff_time(sam_pwent);
printf ("Kickoff time: %s\n", tmp ? http_timestring(tmp) : "0");
-
+
tmp = pdb_get_pass_last_set_time(sam_pwent);
printf ("Password last set: %s\n", tmp ? http_timestring(tmp) : "0");
-
+
tmp = pdb_get_pass_can_change_time(sam_pwent);
printf ("Password can change: %s\n", tmp ? http_timestring(tmp) : "0");
-
+
tmp = pdb_get_pass_must_change_time(sam_pwent);
printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0");
tmp = pdb_get_bad_password_time(sam_pwent);
printf ("Last bad password : %s\n", tmp ? http_timestring(tmp) : "0");
- printf ("Bad password count : %d\n",
+ printf ("Bad password count : %d\n",
pdb_get_bad_password_count(sam_pwent));
-
+
hours = pdb_get_hours(sam_pwent);
pdb_sethexhours(temp, hours);
printf ("Logon hours : %s\n", temp);
-
+
} else if (smbpwdstyle) {
char lm_passwd[33];
char nt_passwd[33];
@@ -277,7 +277,7 @@ static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdst
uid = nametouid(pdb_get_username(sam_pwent));
pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent));
pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent));
-
+
printf("%s:%lu:%s:%s:%s:LCT-%08X:\n",
pdb_get_username(sam_pwent),
(unsigned long)uid,
diff --git a/source/utils/profiles.c b/source/utils/profiles.c
index f9b17d3..c641429 100644
--- a/source/utils/profiles.c
+++ b/source/utils/profiles.c
@@ -120,7 +120,7 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
REGVAL_CTR *values;
REGSUBKEY_CTR *subkeys;
int i;
- pstring path;
+ char *path;
/* swap out the SIDs in the security descriptor */
@@ -160,13 +160,18 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
/* write each one of the subkeys out */
- pstr_sprintf( path, "%s%s%s", parentpath, parent ? "\\" : "", nk->keyname );
-
+ path = talloc_asprintf(subkeys, "%s%s%s",
+ parentpath, parent ? "\\" : "",nk->keyname);
+ if (!path) {
+ TALLOC_FREE( subkeys );
+ return false;
+ }
+
nk->subkey_index = 0;
- while ( (subkey = regfio_fetch_subkey( infile, nk )) ) {
- if ( !copy_registry_tree( infile, subkey, key, outfile, path ) ) {
- TALLOC_FREE( subkeys );
- return False;
+ while ((subkey = regfio_fetch_subkey(infile, nk))) {
+ if (!copy_registry_tree( infile, subkey, key, outfile, path)) {
+ TALLOC_FREE(subkeys);
+ return false;
}
}
@@ -184,10 +189,11 @@ static bool copy_registry_tree( REGF_FILE *infile, REGF_NK_REC *nk,
int main( int argc, char *argv[] )
{
+ TALLOC_CTX *frame = talloc_stackframe();
int opt;
REGF_FILE *infile, *outfile;
REGF_NK_REC *nk;
- pstring orig_filename, new_filename;
+ char *orig_filename, *new_filename;
struct poptOption long_options[] = {
POPT_AUTOHELP
{ "change-sid", 'c', POPT_ARG_STRING, NULL, 'c', "Provides SID to change" },
@@ -207,7 +213,7 @@ int main( int argc, char *argv[] )
dbf = x_stderr;
x_setbuf( x_stderr, NULL );
- pc = poptGetContext("profiles", argc, (const char **)argv, long_options,
+ pc = poptGetContext("profiles", argc, (const char **)argv, long_options,
POPT_CONTEXT_KEEP_FIRST);
poptSetOtherOptionHelp(pc, "<profilefile>");
@@ -237,7 +243,7 @@ int main( int argc, char *argv[] )
}
}
- poptGetArg(pc);
+ poptGetArg(pc);
if (!poptPeekArg(pc)) {
poptPrintUsage(pc, stderr, 0);
@@ -250,39 +256,48 @@ int main( int argc, char *argv[] )
exit(252);
}
- pstrcpy( orig_filename, poptPeekArg(pc) );
- pstr_sprintf( new_filename, "%s.new", orig_filename );
-
- if ( !(infile = regfio_open( orig_filename, O_RDONLY, 0 )) ) {
+ orig_filename = talloc_strdup(frame, poptPeekArg(pc));
+ if (!orig_filename) {
+ exit(ENOMEM);
+ }
+ new_filename = talloc_asprintf(frame,
+ "%s.new",
+ orig_filename);
+ if (!new_filename) {
+ exit(ENOMEM);
+ }
+
+ if (!(infile = regfio_open( orig_filename, O_RDONLY, 0))) {
fprintf( stderr, "Failed to open %s!\n", orig_filename );
fprintf( stderr, "Error was (%s)\n", strerror(errno) );
exit (1);
}
-
+
if ( !(outfile = regfio_open( new_filename, (O_RDWR|O_CREAT|O_TRUNC), (S_IREAD|S_IWRITE) )) ) {
fprintf( stderr, "Failed to open new file %s!\n", new_filename );
fprintf( stderr, "Error was (%s)\n", strerror(errno) );
exit (1);
}
-
+
/* actually do the update now */
-
+
if ((nk = regfio_rootkey( infile )) == NULL) {
fprintf(stderr, "Could not get rootkey\n");
exit(3);
}
-
- if ( !copy_registry_tree( infile, nk, NULL, outfile, "" ) ) {
+
+ if (!copy_registry_tree( infile, nk, NULL, outfile, "")) {
fprintf(stderr, "Failed to write updated registry file!\n");
exit(2);
}
-
+
/* cleanup */
-
- regfio_close( infile );
- regfio_close( outfile );
+
+ regfio_close(infile);
+ regfio_close(outfile);
poptFreeContext(pc);
- return( 0 );
+ TALLOC_FREE(frame);
+ return 0;
}
diff --git a/source/utils/smbcacls.c b/source/utils/smbcacls.c
index 8c790c8..861aea0 100644
--- a/source/utils/smbcacls.c
+++ b/source/utils/smbcacls.c
@@ -569,7 +569,7 @@ because the NT docs say this can't be done :-). JRA.
*******************************************************/
static int owner_set(struct cli_state *cli, enum chown_mode change_mode,
- char *filename, char *new_username)
+ const char *filename, const char *new_username)
{
int fnum;
DOM_SID sid;
@@ -848,8 +848,8 @@ static struct cli_state *connect_one(const char *server, const char *share)
static char *the_acl = NULL;
enum chown_mode change_mode = REQUEST_NONE;
int result;
- fstring path;
- pstring filename;
+ char *path;
+ char *filename = NULL;
poptContext pc;
struct poptOption long_options[] = {
POPT_AUTOHELP
@@ -868,10 +868,8 @@ static struct cli_state *connect_one(const char *server, const char *share)
struct cli_state *cli;
TALLOC_CTX *frame = talloc_stackframe();
- pstring owner_username;
- fstring server;
-
- owner_username[0] = '\0';
+ const char *owner_username = "";
+ char *server;
load_case_tables();
@@ -888,7 +886,7 @@ static struct cli_state *connect_one(const char *server, const char *share)
load_interfaces();
pc = poptGetContext("smbcacls", argc, argv, long_options, 0);
-
+
poptSetOtherOptionHelp(pc, "//server1/share1 filename\nACLs look like: "
"'ACL:user:[ALLOWED|DENIED]/flags/permissions'");
@@ -915,35 +913,44 @@ static struct cli_state *connect_one(const char *server, const char *share)
break;
case 'C':
- pstrcpy(owner_username,poptGetOptArg(pc));
+ owner_username = poptGetOptArg(pc);
change_mode = REQUEST_CHOWN;
break;
case 'G':
- pstrcpy(owner_username,poptGetOptArg(pc));
+ owner_username = poptGetOptArg(pc);
change_mode = REQUEST_CHGRP;
break;
}
}
/* Make connection to server */
- if(!poptPeekArg(pc)) {
+ if(!poptPeekArg(pc)) {
poptPrintUsage(pc, stderr, 0);
return -1;
}
-
- fstrcpy(path, poptGetArg(pc));
-
- if(!poptPeekArg(pc)) {
- poptPrintUsage(pc, stderr, 0);
+
+ path = talloc_strdup(frame, poptGetArg(pc));
+ if (!path) {
return -1;
}
-
- pstrcpy(filename, poptGetArg(pc));
- all_string_sub(path,"/","\\",0);
+ if(!poptPeekArg(pc)) {
+ poptPrintUsage(pc, stderr, 0);
+ return -1;
+ }
+
+ filename = talloc_strdup(frame, poptGetArg(pc));
+ if (!filename) {
+ return -1;
+ }
- fstrcpy(server,path+2);
+ string_replace(path,'/','\\');
+
+ server = talloc_strdup(frame, path+2);
+ if (!server) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list