[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-787-gd7b39a3
Andrew Bartlett
abartlet at samba.org
Tue Aug 4 00:10:47 MDT 2009
The branch, master has been updated
via d7b39a353ab757d7f7914d08226114fc275032e8 (commit)
via 9b02d2391443c3c56d607d034d9d200703aa840b (commit)
from 1937ab3668e6a4667ac4334a6e1bea2cc75cfb1d (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d7b39a353ab757d7f7914d08226114fc275032e8
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 4 16:07:18 2009 +1000
s4:ldif_handlers Allow a binary nTsecurityDescriptor when parsing LDIF
Also allow a SDDL security descriptor, using the domain SID attached
to the session (it will search for it during the LDIF parse if need
be).
Andrew Bartlett
commit 9b02d2391443c3c56d607d034d9d200703aa840b
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 4 14:36:14 2009 +1000
s4:netlogon Fix warnings and segfault in GetDomainInfo call
- Correctly use samdb_search_string to do a 'base' search
(this needs a NULL, not a "" argument for the format string)
- There is no need (and it caused a security hole) to use
talloc_asprintf() with the only argument being the string to
duplicate.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
source4/lib/ldb-samba/ldif_handlers.c | 18 +++++++++++++++++-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 9 +++++----
2 files changed, 22 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c
index d2f26e7..606d4df 100644
--- a/source4/lib/ldb-samba/ldif_handlers.c
+++ b/source4/lib/ldb-samba/ldif_handlers.c
@@ -314,18 +314,34 @@ static int ldif_read_ntSecurityDescriptor(struct ldb_context *ldb, void *mem_ctx
const struct ldb_val *in, struct ldb_val *out)
{
struct security_descriptor *sd;
+
enum ndr_err_code ndr_err;
- sd = sddl_decode(mem_ctx, (const char *)in->data, NULL);
+ sd = talloc(mem_ctx, struct security_descriptor);
if (sd == NULL) {
return -1;
}
+
+ ndr_err = ndr_pull_struct_blob(in, sd, NULL, sd,
+ (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ /* If this does not parse, then it is probably SDDL, and we should try it that way */
+
+ struct dom_sid *sid = samdb_domain_sid(ldb);
+ talloc_free(sd);
+ sd = sddl_decode(mem_ctx, (const char *)in->data, sid);
+ if (sd == NULL) {
+ return -1;
+ }
+ }
+
ndr_err = ndr_push_struct_blob(out, mem_ctx, NULL, sd,
(ndr_push_flags_fn_t)ndr_push_security_descriptor);
talloc_free(sd);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
return -1;
}
+
return 0;
}
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 4fedf54..cee94d8 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1157,8 +1157,9 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal
NT_STATUS_HAVE_NO_MEMORY(workstation_dn);
/* Gets the old DNS hostname */
- old_dns_hostname = samdb_search_string_v(sam_ctx, mem_ctx,
- workstation_dn, "dNSHostName", "", NULL);
+ old_dns_hostname = samdb_search_string(sam_ctx, mem_ctx,
+ workstation_dn, "dNSHostName",
+ NULL);
/* Gets host informations and put them in our directory */
new_msg = ldb_msg_new(mem_ctx);
@@ -1197,8 +1198,8 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal
os_version = &r->in.query->workstation_info->os_version.os->os;
samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
- "operatingSystemServicePack",
- talloc_asprintf(mem_ctx, os_version->CSDVersion));
+ "operatingSystemServicePack",
+ os_version->CSDVersion);
samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
"operatingSystemVersion",
--
Samba Shared Repository
More information about the samba-cvs
mailing list