[SCM] Samba Shared Repository - branch master updated - 9ccd1174f75276b0533b5bbb0765df8fc1e2912d

Günther Deschner gd at samba.org
Tue Dec 2 09:11:18 GMT 2008 

The branch, master has been updated
       via  9ccd1174f75276b0533b5bbb0765df8fc1e2912d (commit)
       via  8e5cd8f81c80feee87defe85be7de0b0ee76dfe9 (commit)
      from  25e7b21121d867a74c9e5241a8684e9937961fe3 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9ccd1174f75276b0533b5bbb0765df8fc1e2912d
Author: Günther Deschner <gd at samba.org>
Date:   Tue Dec 2 02:08:05 2008 +0100

    s3-samr: simplify _samr_QueryUserInfo a lot and fix some few potential memleaks.
    
    Guenther

commit 8e5cd8f81c80feee87defe85be7de0b0ee76dfe9
Author: Günther Deschner <gd at samba.org>
Date:   Tue Dec 2 00:58:53 2008 +0100

    s3-samr: fix samr_SetUserInfo{2} level 23.
    
    Do not just start decoding/setting passwords when fields_present
    do not indicate there is a password to be set.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/rpc_server/srv_samr_nt.c |  241 +++++++++-----------------------------
 1 files changed, 58 insertions(+), 183 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index dc2377b..cbcd4de 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2255,11 +2255,9 @@ static NTSTATUS init_samr_parameters_string(TALLOC_CTX *mem_ctx,
 
 static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
 				struct samr_UserInfo5 *r,
-				DOM_SID *user_sid,
+				struct samu *pw,
 				DOM_SID *domain_sid)
 {
-	struct samu *pw = NULL;
-	bool ret;
 	const DOM_SID *sid_user, *sid_group;
 	uint32_t rid, primary_gid;
 	NTTIME last_logon, last_logoff, last_password_change,
@@ -2271,24 +2269,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
 
 	ZERO_STRUCTP(r);
 
-	if (!(pw = samu_new(mem_ctx))) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	become_root();
-	ret = pdb_getsampwsid(pw, user_sid);
-	unbecome_root();
-
-	if (ret == False) {
-		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
-		TALLOC_FREE(pw);
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
-	samr_clear_sam_passwd(pw);
-
-	DEBUG(3,("User:[%s]\n", pdb_get_username(pw)));
-
 	sid_user = pdb_get_user_sid(pw);
 
 	if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
@@ -2296,7 +2276,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
 			  "the domain sid %s.  Failing operation.\n",
 			  pdb_get_username(pw), sid_string_dbg(sid_user),
 			  sid_string_dbg(domain_sid)));
-		TALLOC_FREE(pw);
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
@@ -2309,7 +2288,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
 			  "which conflicts with the domain sid %s.  Failing operation.\n",
 			  pdb_get_username(pw), sid_string_dbg(sid_group),
 			  sid_string_dbg(domain_sid)));
-		TALLOC_FREE(pw);
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
@@ -2350,8 +2328,6 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
 			     acct_expiry,
 			     pdb_get_acct_ctrl(pw));
 
-	TALLOC_FREE(pw);
-
 	return NT_STATUS_OK;
 }
 
@@ -2361,35 +2337,16 @@ static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
 
 static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
 				struct samr_UserInfo7 *r,
-				DOM_SID *user_sid)
+				struct samu *smbpass)
 {
-	struct samu *smbpass=NULL;
-	bool ret;
 	const char *account_name = NULL;
 
 	ZERO_STRUCTP(r);
 
-	if ( !(smbpass = samu_new( mem_ctx )) ) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	become_root();
-	ret = pdb_getsampwsid(smbpass, user_sid);
-	unbecome_root();
-
-	if ( !ret ) {
-		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
 	account_name = talloc_strdup(mem_ctx, pdb_get_username(smbpass));
 	if (!account_name) {
-		TALLOC_FREE(smbpass);
 		return NT_STATUS_NO_MEMORY;
 	}
-	TALLOC_FREE(smbpass);
-
-	DEBUG(3,("User:[%s]\n", account_name));
 
 	init_samr_user_info7(r, account_name);
 
@@ -2402,33 +2359,12 @@ static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
 
 static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
 				struct samr_UserInfo9 *r,
-				DOM_SID *user_sid)
+				struct samu *smbpass)
 {
-	struct samu *smbpass=NULL;
-	bool ret;
-
 	ZERO_STRUCTP(r);
 
-	if ( !(smbpass = samu_new( mem_ctx )) ) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	become_root();
-	ret = pdb_getsampwsid(smbpass, user_sid);
-	unbecome_root();
-
-	if (ret==False) {
-		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
-		TALLOC_FREE(smbpass);
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
-	DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
-
 	init_samr_user_info9(r, pdb_get_group_rid(smbpass));
 
-	TALLOC_FREE(smbpass);
-
 	return NT_STATUS_OK;
 }
 
@@ -2438,33 +2374,12 @@ static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
 
 static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx,
 				 struct samr_UserInfo16 *r,
-				 DOM_SID *user_sid)
+				 struct samu *smbpass)
 {
-	struct samu *smbpass=NULL;
-	bool ret;
-
 	ZERO_STRUCTP(r);
 
-	if ( !(smbpass = samu_new( mem_ctx )) ) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	become_root();
-	ret = pdb_getsampwsid(smbpass, user_sid);
-	unbecome_root();
-
-	if (ret==False) {
-		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
-		TALLOC_FREE(smbpass);
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
-	DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
-
 	init_samr_user_info16(r, pdb_get_acct_ctrl(smbpass));
 
-	TALLOC_FREE(smbpass);
-
 	return NT_STATUS_OK;
 }
 
@@ -2529,10 +2444,8 @@ static NTSTATUS get_user_info_18(pipes_struct *p,
 
 static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
 				 struct samr_UserInfo20 *r,
-				 DOM_SID *user_sid)
+				 struct samu *sampass)
 {
-	struct samu *sampass=NULL;
-	bool ret;
 	const char *munged_dial = NULL;
 	DATA_BLOB blob;
 	NTSTATUS status;
@@ -2540,24 +2453,8 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
 
 	ZERO_STRUCTP(r);
 
-	if ( !(sampass = samu_new( mem_ctx )) ) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	become_root();
-	ret = pdb_getsampwsid(sampass, user_sid);
-	unbecome_root();
-
-	if (ret == False) {
-		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
-		TALLOC_FREE(sampass);
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
 	munged_dial = pdb_get_munged_dial(sampass);
 
-	samr_clear_sam_passwd(sampass);
-
 	DEBUG(3,("User:[%s] has [%s] (length: %d)\n", pdb_get_username(sampass),
 		munged_dial, (int)strlen(munged_dial)));
 
@@ -2569,7 +2466,6 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
 
 	status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
 	data_blob_free(&blob);
-	TALLOC_FREE(sampass);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
@@ -2586,12 +2482,10 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
 
 static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 				 struct samr_UserInfo21 *r,
-				 DOM_SID *user_sid,
+				 struct samu *pw,
 				 DOM_SID *domain_sid)
 {
 	NTSTATUS status;
-	struct samu *pw = NULL;
-	bool ret;
 	const DOM_SID *sid_user, *sid_group;
 	uint32_t rid, primary_gid;
 	NTTIME last_logon, last_logoff, last_password_change,
@@ -2608,24 +2502,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 
 	ZERO_STRUCTP(r);
 
-	if (!(pw = samu_new(mem_ctx))) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	become_root();
-	ret = pdb_getsampwsid(pw, user_sid);
-	unbecome_root();
-
-	if (ret == False) {
-		DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
-		TALLOC_FREE(pw);
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
-	samr_clear_sam_passwd(pw);
-
-	DEBUG(3,("User:[%s]\n", pdb_get_username(pw)));
-
 	sid_user = pdb_get_user_sid(pw);
 
 	if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
@@ -2633,7 +2509,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 			  "the domain sid %s.  Failing operation.\n",
 			  pdb_get_username(pw), sid_string_dbg(sid_user),
 			  sid_string_dbg(domain_sid)));
-		TALLOC_FREE(pw);
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
@@ -2646,7 +2521,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 			  "which conflicts with the domain sid %s.  Failing operation.\n",
 			  pdb_get_username(pw), sid_string_dbg(sid_group),
 			  sid_string_dbg(domain_sid)));
-		TALLOC_FREE(pw);
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
@@ -2679,7 +2553,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 	status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
 	data_blob_free(&blob);
 	if (!NT_STATUS_IS_OK(status)) {
-		TALLOC_FREE(pw);
 		return status;
 	}
 
@@ -2737,7 +2610,6 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
 			      0, /* nt_password_set */
 			      0, /* lm_password_set */
 			      password_expired);
-	TALLOC_FREE(pw);
 
 	return NT_STATUS_OK;
 }
@@ -2754,6 +2626,8 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
 	struct samr_info *info = NULL;
 	DOM_SID domain_sid;
 	uint32 rid;
+	bool ret = false;
+	struct samu *pwd = NULL;
 
 	/* search for the handle */
 	if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info))
@@ -2783,58 +2657,54 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
 
 	DEBUG(5,("_samr_QueryUserInfo: user info level: %d\n", r->in.level));
 
+	if (!(pwd = samu_new(p->mem_ctx))) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	become_root();
+	ret = pdb_getsampwsid(pwd, &info->sid);
+	unbecome_root();
+
+	if (ret == false) {
+		DEBUG(4,("User %s not found\n", sid_string_dbg(&info->sid)));
+		TALLOC_FREE(pwd);
+		return NT_STATUS_NO_SUCH_USER;
+	}
+
+	DEBUG(3,("User:[%s]\n", pdb_get_username(pwd)));
+
+	samr_clear_sam_passwd(pwd);
+
 	switch (r->in.level) {
 	case 5:
-		status = get_user_info_5(p->mem_ctx, &user_info->info5, &info->sid, &domain_sid);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
+		status = get_user_info_5(p->mem_ctx, &user_info->info5, pwd, &domain_sid);
 		break;
 	case 7:
-		status = get_user_info_7(p->mem_ctx, &user_info->info7, &info->sid);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
+		status = get_user_info_7(p->mem_ctx, &user_info->info7, pwd);
 		break;
 	case 9:
-		status = get_user_info_9(p->mem_ctx, &user_info->info9, &info->sid);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
+		status = get_user_info_9(p->mem_ctx, &user_info->info9, pwd);
 		break;
 	case 16:
-		status = get_user_info_16(p->mem_ctx, &user_info->info16, &info->sid);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
+		status = get_user_info_16(p->mem_ctx, &user_info->info16, pwd);
 		break;
-
 	case 18:
+		/* level 18 is special */
 		status = get_user_info_18(p, p->mem_ctx, &user_info->info18, &info->sid);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
 		break;
-
 	case 20:
-		status = get_user_info_20(p->mem_ctx, &user_info->info20, &info->sid);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
+		status = get_user_info_20(p->mem_ctx, &user_info->info20, pwd);
 		break;
-
 	case 21:
-		status = get_user_info_21(p->mem_ctx, &user_info->info21,
-					  &info->sid, &domain_sid);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
+		status = get_user_info_21(p->mem_ctx, &user_info->info21, pwd, &domain_sid);
 		break;
-
 	default:
-		return NT_STATUS_INVALID_INFO_CLASS;
+		status = NT_STATUS_INVALID_INFO_CLASS;
+		break;
 	}
 
+	TALLOC_FREE(pwd);
+
 	*r->out.info = user_info;
 
 	DEBUG(5,("_samr_QueryUserInfo: %d\n", __LINE__));
@@ -3970,7 +3840,7 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx,
 {
 	char *plaintext_buf = NULL;
 	uint32 len = 0;
-	uint16 acct_ctrl;
+	uint32_t acct_ctrl;
 	NTSTATUS status;
 
 	if (id23 == NULL) {
@@ -3986,32 +3856,35 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
+	if ((id23->info.fields_present & SAMR_FIELD_PASSWORD) ||
+	    (id23->info.fields_present & SAMR_FIELD_PASSWORD2)) {
 
-	DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n",
-		  pdb_get_username(pwd)));
-
-	acct_ctrl = pdb_get_acct_ctrl(pwd);
+		DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n",
+			  pdb_get_username(pwd)));
 
-	if (!decode_pw_buffer(mem_ctx,
-				id23->password.data,
-				&plaintext_buf,
-				&len,
-				STR_UNICODE)) {
-		return NT_STATUS_WRONG_PASSWORD;
- 	}
+		if (!decode_pw_buffer(mem_ctx,
+				      id23->password.data,
+				      &plaintext_buf,
+				      &len,
+				      STR_UNICODE)) {
+			return NT_STATUS_WRONG_PASSWORD;
+		}
 
-	if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
-		return NT_STATUS_ACCESS_DENIED;
+		if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
+			return NT_STATUS_ACCESS_DENIED;
+		}
 	}
 
 	copy_id23_to_sam_passwd(pwd, id23);
 
+	acct_ctrl = pdb_get_acct_ctrl(pwd);
+
 	/* if it's a trust account, don't update /etc/passwd */
 	if (    ( (acct_ctrl &  ACB_DOMTRUST) == ACB_DOMTRUST ) ||
 		( (acct_ctrl &  ACB_WSTRUST) ==  ACB_WSTRUST) ||
 		( (acct_ctrl &  ACB_SVRTRUST) ==  ACB_SVRTRUST) ) {
 		DEBUG(5, ("Changing trust account.  Not updating /etc/passwd\n"));
-	} else  {
+	} else if (plaintext_buf) {
 		/* update the UNIX password */
 		if (lp_unix_password_sync() ) {
 			struct passwd *passwd;
@@ -4032,7 +3905,9 @@ static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx,
 		}
 	}
 
-	memset(plaintext_buf, '\0', strlen(plaintext_buf));
+	if (plaintext_buf) {
+		memset(plaintext_buf, '\0', strlen(plaintext_buf));
+	}
 
 	if (IS_SAM_CHANGED(pwd, PDB_GROUPSID) &&
 	    (!NT_STATUS_IS_OK(status =  pdb_set_unix_primary_group(mem_ctx,


-- 
Samba Shared Repository

More information about the samba-cvs mailing list