[SCM] Samba Shared Repository - branch master updated

Andreas Schneider asn at samba.org
Wed Nov 13 05:35:03 MST 2013 

The branch, master has been updated
       via  1c9c2e3 s4:rpc-server: fix lsa_lookupsids return value for the domain sid
       via  29d8edf s4:rpc-server: fix use after free in dcesrv_lsa_lookup_sid()
       via  00c6749 wbinfo: fix output of wbinfo --sid-to-name for sids of type DOMAIN
       via  f724093 wbinfo: fix output of "--lookup-sids" to use the configured winbind separator
       via  fdf28f0 wbinfo: fix ouptput of --lookup-sids for sids of type DOMAIN
       via  f23fbbf rpcclient: fix output of lsalookupsids for sids of type DOMAIN
      from  55b3d87 heimdal: Fix CID 240779 Allocation size mismatch

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1c9c2e3b65c5550ff5cb5bc5687905a1dfda2fe4
Author: Michael Adam <obnox at samba.org>
Date:   Wed Sep 18 09:33:07 2013 +0200

    s4:rpc-server: fix lsa_lookupsids return value for the domain sid
    
    We currently return type UNKNOWN and copy the domain sid to the name.
    Instead we should return type DOMAIN and return NULL as name.
    
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Wed Nov 13 13:34:16 CET 2013 on sn-devel-104

commit 29d8edfe4349aa80c4f4a4da53aaaab50871f60c
Author: Michael Adam <obnox at samba.org>
Date:   Fri Nov 8 11:15:33 2013 +0100

    s4:rpc-server: fix use after free in dcesrv_lsa_lookup_sid()
    
    Authority name may be accessed after
    state has gone away and take domain_name with it.
    
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

commit 00c674985fda152eea366d6b94712ba183527f9a
Author: Michael Adam <obnox at samba.org>
Date:   Sat Sep 21 21:02:00 2013 +0200

    wbinfo: fix output of wbinfo --sid-to-name for sids of type DOMAIN
    
    to print only the domain name and not "DOMIN\<SID>".
    
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

commit f7240932afdc1a50cdb9f43f8d3752a5717163de
Author: Michael Adam <obnox at samba.org>
Date:   Sat Sep 21 21:03:40 2013 +0200

    wbinfo: fix output of "--lookup-sids" to use the configured winbind separator
    
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

commit fdf28f0898de9372dde58735e4af8e15e3536d99
Author: Michael Adam <obnox at samba.org>
Date:   Sat Sep 21 10:35:57 2013 +0200

    wbinfo: fix ouptput of --lookup-sids for sids of type DOMAIN
    
    To print only the domain name and not "DOMIN\<SID>".
    
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

commit f23fbbf73574d9cf0891751d57a33e5fdfa6abcf
Author: Michael Adam <obnox at samba.org>
Date:   Wed Sep 18 09:32:17 2013 +0200

    rpcclient: fix output of lsalookupsids for sids of type DOMAIN
    
    For domain sids, don't print NAME\*unknown* but print NAME instead.
    
    Signed-off-by: Michael Adam <obnox at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 nsswitch/wbinfo.c                   |   21 ++++++++++++++++-----
 source3/rpcclient/cmd_lsarpc.c      |   13 ++++++++++---
 source4/rpc_server/lsa/lsa_lookup.c |   15 ++++++++++++++-
 3 files changed, 40 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index c3e3ad3..61acd1a 100644
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -1222,8 +1222,12 @@ static bool wbinfo_lookupsid(const char *sid_str)
 
 	/* Display response */
 
-	d_printf("%s%c%s %d\n",
-		 domain, winbind_separator(), name, type);
+	if (type == WBC_SID_NAME_DOMAIN) {
+		d_printf("%s %d\n", domain, type);
+	} else {
+		d_printf("%s%c%s %d\n",
+			 domain, winbind_separator(), name, type);
+	}
 
 	wbcFreeMemory(domain);
 	wbcFreeMemory(name);
@@ -1393,9 +1397,16 @@ static bool wbinfo_lookup_sids(const char *arg)
 	for (i=0; i<num_sids; i++) {
 		wbcSidToStringBuf(&sids[i], sidstr, sizeof(sidstr));
 
-		d_printf("%s -> %s\\%s %d\n", sidstr,
-			 domains[names[i].domain_index].short_name,
-			 names[i].name, names[i].type);
+		if (names[i].type == WBC_SID_NAME_DOMAIN) {
+			d_printf("%s -> %s %d\n", sidstr,
+				 domains[names[i].domain_index].short_name,
+				 names[i].type);
+		} else {
+			d_printf("%s -> %s%c%s %d\n", sidstr,
+				 domains[names[i].domain_index].short_name,
+				 winbind_separator(),
+				 names[i].name, names[i].type);
+		}
 	}
 	wbcFreeMemory(names);
 	wbcFreeMemory(domains);
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index cbc089f..503e0fb 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -430,9 +430,16 @@ static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem
 		fstring sid_str;
 
 		sid_to_fstring(sid_str, &sids[i]);
-		printf("%s %s\\%s (%d)\n", sid_str, 
-		       domains[i] ? domains[i] : "*unknown*", 
-		       names[i] ? names[i] : "*unknown*", types[i]);
+		if (types[i] == SID_NAME_DOMAIN) {
+			printf("%s %s (%d)\n", sid_str,
+			       domains[i] ? domains[i] : "*unknown*",
+			       types[i]);
+		} else {
+			printf("%s %s\\%s (%d)\n", sid_str,
+			       domains[i] ? domains[i] : "*unknown*",
+			       names[i] ? names[i] : "*unknown*",
+			       types[i]);
+		}
 	}
 
 	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
diff --git a/source4/rpc_server/lsa/lsa_lookup.c b/source4/rpc_server/lsa/lsa_lookup.c
index c9c07cf..fb4767d 100644
--- a/source4/rpc_server/lsa/lsa_lookup.c
+++ b/source4/rpc_server/lsa/lsa_lookup.c
@@ -531,8 +531,21 @@ static NTSTATUS dcesrv_lsa_lookup_sid(struct lsa_policy_state *state, TALLOC_CTX
 		return status;
 	}
 
+	if (dom_sid_equal(state->domain_sid, sid)) {
+		*authority_name = talloc_strdup(mem_ctx, state->domain_name);
+		if (*authority_name == NULL) {
+			return NT_STATUS_NO_MEMORY;
+		}
+		*name = NULL;
+		*rtype = SID_NAME_DOMAIN;
+		return NT_STATUS_OK;
+	}
+
 	if (dom_sid_in_domain(state->domain_sid, sid)) {
-		*authority_name = state->domain_name;
+		*authority_name = talloc_strdup(mem_ctx, state->domain_name);
+		if (*authority_name == NULL) {
+			return NT_STATUS_NO_MEMORY;
+		}
 		domain_dn = state->domain_dn;
 	} else if (dom_sid_in_domain(state->builtin_sid, sid)) {
 		*authority_name = NAME_BUILTIN;


-- 
Samba Shared Repository

More information about the samba-cvs mailing list