[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Fri Aug 21 15:49:02 UTC 2015
The branch, master has been updated
via f504681 uwrap: Bump version to 1.1.1
via a71610c uwrap: Removed double newline
via fc68e84 uwrap: Fix build if getres(uid|gid) are not available.
via 6363c02 s3-auth: Fix a memory leak in make_server_info_info3()
via e8c7693 s3-auth: Pass nt_username to check_account()
via 34965d4 s3-auth: Fix 'map to guest = Bad Uid' support
from 53e8d52 param: Use talloc_pooled_object
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit f504681c830d1750642d3026ac54fc6593ba246e
Author: Andreas Schneider <asn at samba.org>
Date: Fri Aug 21 11:06:07 2015 +0200
uwrap: Bump version to 1.1.1
Signed-off-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Aug 21 17:48:45 CEST 2015 on sn-devel-104
commit a71610cbfaa8e4e6790ab8041f5f2e6cc1e5071f
Author: Andreas Schneider <asn at samba.org>
Date: Fri Aug 21 11:05:24 2015 +0200
uwrap: Removed double newline
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit fc68e845e23f2c83726cd9d658770c49296238cb
Author: Andreas Schneider <asn at samba.org>
Date: Fri Aug 21 11:04:49 2015 +0200
uwrap: Fix build if getres(uid|gid) are not available.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 6363c0232c2238e1a782e9c22ef762e3ff9b7563
Author: Andreas Schneider <asn at samba.org>
Date: Wed Aug 19 16:19:30 2015 +0200
s3-auth: Fix a memory leak in make_server_info_info3()
We call make_server_info(NULL) and it is possible that we do not free
it, because server_info is not allocated on the memory context we pass
to the function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
commit e8c76932e4ac192a00afa3b9731f5921c4b37da6
Author: Andreas Schneider <asn at samba.org>
Date: Wed Aug 19 16:24:08 2015 +0200
s3-auth: Pass nt_username to check_account()
We set nt_username above but do not use it in this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
commit 34965d4d98d172e848e2b96fad8a9e0b99288ba7
Author: Andreas Schneider <asn at samba.org>
Date: Wed Aug 19 16:11:47 2015 +0200
s3-auth: Fix 'map to guest = Bad Uid' support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/uid_wrapper/uid_wrapper.c | 10 ++++-----
lib/uid_wrapper/wscript | 2 +-
source3/auth/auth_util.c | 48 +++++++++++++++++++++++++++++++------------
3 files changed, 41 insertions(+), 19 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/uid_wrapper/uid_wrapper.c b/lib/uid_wrapper/uid_wrapper.c
index 1d49a85..2961b87 100644
--- a/lib/uid_wrapper/uid_wrapper.c
+++ b/lib/uid_wrapper/uid_wrapper.c
@@ -1537,7 +1537,7 @@ static long int uwrap_syscall (long int sysno, va_list vp)
}
break;
#endif /* SYS_setresgid */
-#ifdef SYS_getresgid
+#if defined(SYS_getresgid) && defined(HAVE_GETRESGID)
case SYS_getresgid:
#ifdef HAVE_LINUX_32BIT_SYSCALLS
case SYS_getresgid32:
@@ -1550,7 +1550,7 @@ static long int uwrap_syscall (long int sysno, va_list vp)
rc = uwrap_getresgid(rgid, egid, sgid);
}
break;
-#endif /* SYS_getresgid */
+#endif /* SYS_getresgid && HAVE_GETRESGID */
/* uid */
case SYS_getuid:
@@ -1606,7 +1606,7 @@ static long int uwrap_syscall (long int sysno, va_list vp)
}
break;
#endif /* SYS_setresuid */
-#ifdef SYS_getresuid
+#if defined(SYS_getresuid) && defined(HAVE_GETRESUID)
case SYS_getresuid:
#ifdef HAVE_LINUX_32BIT_SYSCALLS
case SYS_getresuid32:
@@ -1619,7 +1619,7 @@ static long int uwrap_syscall (long int sysno, va_list vp)
rc = uwrap_getresuid(ruid, euid, suid);
}
break;
-#endif /* SYS_getresuid */
+#endif /* SYS_getresuid && HAVE_GETRESUID*/
/* groups */
case SYS_setgroups:
#ifdef HAVE_LINUX_32BIT_SYSCALLS
@@ -1634,7 +1634,7 @@ static long int uwrap_syscall (long int sysno, va_list vp)
break;
default:
UWRAP_LOG(UWRAP_LOG_DEBUG,
- "UID_WRAPPER calling non-wrapped syscall %lu\n",
+ "UID_WRAPPER calling non-wrapped syscall %lu",
sysno);
rc = libc_vsyscall(sysno, vp);
diff --git a/lib/uid_wrapper/wscript b/lib/uid_wrapper/wscript
index b5b1f7a..016b33a 100644
--- a/lib/uid_wrapper/wscript
+++ b/lib/uid_wrapper/wscript
@@ -3,7 +3,7 @@
import Options
import os, sys
-VERSION="1.1.0"
+VERSION="1.1.1"
def configure(conf):
if conf.CHECK_BUNDLED_SYSTEM('uid_wrapper', minversion=VERSION, set_target=False):
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 69e150f..b079d04 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1349,6 +1349,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
bool username_was_mapped;
struct passwd *pwd;
struct auth_serversupplied_info *result;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
/*
Here is where we should check the list of
@@ -1357,15 +1358,17 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
*/
if (!sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
if (!sid_compose(&group_sid, info3->base.domain_sid,
info3->base.primary_gid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
- nt_username = talloc_strdup(mem_ctx, info3->base.account_name.string);
+ nt_username = talloc_strdup(tmp_ctx, info3->base.account_name.string);
if (!nt_username) {
/* If the server didn't give us one, just use the one we sent
* them */
@@ -1392,18 +1395,33 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
/* this call will try to create the user if necessary */
- nt_status = check_account(mem_ctx, nt_domain, sent_nt_username,
- &found_username, &pwd,
- &username_was_mapped);
+ nt_status = check_account(tmp_ctx,
+ nt_domain,
+ nt_username,
+ &found_username,
+ &pwd,
+ &username_was_mapped);
if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
+ /* Handle 'map to guest = Bad Uid */
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) &&
+ (lp_security() == SEC_ADS || lp_security() == SEC_DOMAIN) &&
+ lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) {
+ DBG_NOTICE("Try to map %s to guest account",
+ nt_username);
+ nt_status = make_server_info_guest(tmp_ctx, &result);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ *server_info = talloc_move(mem_ctx, &result);
+ }
+ }
+ goto out;
}
- result = make_server_info(NULL);
+ result = make_server_info(tmp_ctx);
if (result == NULL) {
DEBUG(4, ("make_server_info failed!\n"));
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
}
result->unix_name = talloc_strdup(result, found_username);
@@ -1411,8 +1429,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
/* copy in the info3 */
result->info3 = copy_netr_SamInfo3(result, info3);
if (result->info3 == NULL) {
- TALLOC_FREE(result);
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
}
/* Fill in the unix info we found on the way */
@@ -1442,9 +1460,13 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
result->guest = (info3->base.user_flags & NETLOGON_GUEST);
- *server_info = result;
+ *server_info = talloc_move(mem_ctx, &result);
- return NT_STATUS_OK;
+ nt_status = NT_STATUS_OK;
+out:
+ talloc_free(tmp_ctx);
+
+ return nt_status;
}
/*****************************************************************************
--
Samba Shared Repository
More information about the samba-cvs
mailing list