[SCM] Samba Shared Repository - branch master updated

Andreas Schneider asn at samba.org
Mon Jan 15 21:17:02 UTC 2018


The branch, master has been updated
       via  05ebafd s3:rpc_client: Clenup copy_netr_SamInfo3() code
       via  bfc727f s3:winbind: Use a stackframe and cleanup when leaving
       via  00d176c s3:winbind: Use a goto for cleaning up at the end
       via  264249d s3:winbindd: Improve logic so it is easier to understand
      from  0d62579 VERSION: Bump version up to 4.9.0pre1...

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 05ebafd91ee2dd511372ce63d656e9fc6735ee28
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Jan 11 09:06:31 2018 +0100

    s3:rpc_client: Clenup copy_netr_SamInfo3() code
    
    This gets rid of some strange macro and makes sure we clenaup at the
    end.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Mon Jan 15 22:16:13 CET 2018 on sn-devel-144

commit bfc727f0b2d837a97fc9eb94a8811f23a656c4e4
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Jan 11 09:37:22 2018 +0100

    s3:winbind: Use a stackframe and cleanup when leaving
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit 00d176c6c592af59cc14271de4af1614578090a3
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Jan 11 09:27:50 2018 +0100

    s3:winbind: Use a goto for cleaning up at the end
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit 264249db0f5515d8333d16218f1553ae9f0e7193
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Jan 11 09:23:05 2018 +0100

    s3:winbindd: Improve logic so it is easier to understand
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13209
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/auth_util.c           | 14 +++---
 source3/auth/server_info.c         | 45 ++++++++++++-------
 source3/rpc_client/util_netlogon.c | 80 +++++++++++++++++++--------------
 source3/rpc_client/util_netlogon.h |  5 ++-
 source3/winbindd/winbindd_pam.c    | 90 +++++++++++++++++++-------------------
 5 files changed, 133 insertions(+), 101 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 5bb5a69..f543b33 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1008,6 +1008,7 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo_guest(TALLO
 									   struct auth_serversupplied_info *server_info)
 {
 	struct auth_serversupplied_info *dst;
+	NTSTATUS status;
 
 	dst = make_server_info(mem_ctx);
 	if (dst == NULL) {
@@ -1055,8 +1056,10 @@ static struct auth_serversupplied_info *copy_session_info_serverinfo_guest(TALLO
 	dst->lm_session_key = data_blob_talloc(dst, src->session_key.data,
 						src->session_key.length);
 
-	dst->info3 = copy_netr_SamInfo3(dst, server_info->info3);
-	if (!dst->info3) {
+	status = copy_netr_SamInfo3(dst,
+				    server_info->info3,
+				    &dst->info3);
+	if (!NT_STATUS_IS_OK(status)) {
 		TALLOC_FREE(dst);
 		return NULL;
 	}
@@ -1433,9 +1436,10 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 	result->unix_name = talloc_strdup(result, found_username);
 
 	/* copy in the info3 */
-	result->info3 = copy_netr_SamInfo3(result, info3);
-	if (result->info3 == NULL) {
-		nt_status = NT_STATUS_NO_MEMORY;
+	nt_status = copy_netr_SamInfo3(result,
+				       info3,
+				       &result->info3);
+	if (!NT_STATUS_IS_OK(nt_status)) {
 		goto out;
 	}
 
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index 20d43d2..7898175 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -63,11 +63,14 @@ struct auth_serversupplied_info *make_server_info(TALLOC_CTX *mem_ctx)
 NTSTATUS serverinfo_to_SamInfo2(struct auth_serversupplied_info *server_info,
 				struct netr_SamInfo2 *sam2)
 {
-	struct netr_SamInfo3 *info3;
+	struct netr_SamInfo3 *info3 = NULL;
+	NTSTATUS status;
 
-	info3 = copy_netr_SamInfo3(sam2, server_info->info3);
-	if (!info3) {
-		return NT_STATUS_NO_MEMORY;
+	status = copy_netr_SamInfo3(sam2,
+				    server_info->info3,
+				    &info3);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
 	}
 
 	if (server_info->session_key.length) {
@@ -96,11 +99,14 @@ NTSTATUS serverinfo_to_SamInfo2(struct auth_serversupplied_info *server_info,
 NTSTATUS serverinfo_to_SamInfo3(const struct auth_serversupplied_info *server_info,
 				struct netr_SamInfo3 *sam3)
 {
-	struct netr_SamInfo3 *info3;
+	struct netr_SamInfo3 *info3 = NULL;
+	NTSTATUS status;
 
-	info3 = copy_netr_SamInfo3(sam3, server_info->info3);
-	if (!info3) {
-		return NT_STATUS_NO_MEMORY;
+	status = copy_netr_SamInfo3(sam3,
+				    server_info->info3,
+				    &info3);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
 	}
 
 	if (server_info->session_key.length) {
@@ -133,7 +139,8 @@ NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info,
 				struct netr_SamInfo6 *sam6)
 {
 	struct pdb_domain_info *dominfo;
-	struct netr_SamInfo3 *info3;
+	struct netr_SamInfo3 *info3 = NULL;
+	NTSTATUS status;
 
 	if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
 		DEBUG(10,("Not adding validation info level 6 "
@@ -146,9 +153,11 @@ NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	info3 = copy_netr_SamInfo3(sam6, server_info->info3);
-	if (!info3) {
-		return NT_STATUS_NO_MEMORY;
+	status = copy_netr_SamInfo3(sam6,
+				    server_info->info3,
+				    &info3);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
 	}
 
 	if (server_info->session_key.length) {
@@ -335,11 +344,15 @@ NTSTATUS create_info3_from_pac_logon_info(TALLOC_CTX *mem_ctx,
 					struct netr_SamInfo3 **pp_info3)
 {
 	NTSTATUS status;
-	struct netr_SamInfo3 *info3 = copy_netr_SamInfo3(mem_ctx,
-					&logon_info->info3);
-	if (info3 == NULL) {
-		return NT_STATUS_NO_MEMORY;
+	struct netr_SamInfo3 *info3 = NULL;
+
+	status = copy_netr_SamInfo3(mem_ctx,
+				    &logon_info->info3,
+				    &info3);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
 	}
+
 	status = merge_resource_sids(logon_info, info3);
 	if (!NT_STATUS_IS_OK(status)) {
 		TALLOC_FREE(info3);
diff --git a/source3/rpc_client/util_netlogon.c b/source3/rpc_client/util_netlogon.c
index ac804f8..15c769f 100644
--- a/source3/rpc_client/util_netlogon.c
+++ b/source3/rpc_client/util_netlogon.c
@@ -62,45 +62,52 @@ NTSTATUS copy_netr_SamBaseInfo(TALLOC_CTX *mem_ctx,
 	return NT_STATUS_OK;
 }
 
-#undef RET_NOMEM
-
-#define RET_NOMEM(ptr) do { \
-	if (!ptr) { \
-		TALLOC_FREE(info3); \
-		return NULL; \
-	} } while(0)
-
-struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
-					 const struct netr_SamInfo3 *orig)
+NTSTATUS copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
+			    const struct netr_SamInfo3 *in,
+			    struct netr_SamInfo3 **pout)
 {
-	struct netr_SamInfo3 *info3;
+	struct netr_SamInfo3 *info3 = NULL;
 	unsigned int i;
-	NTSTATUS status;
+	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
 
 	info3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
-	if (!info3) return NULL;
+	if (info3 == NULL) {
+		status = NT_STATUS_NO_MEMORY;
+		goto out;
+	}
 
-	status = copy_netr_SamBaseInfo(info3, &orig->base, &info3->base);
+	status = copy_netr_SamBaseInfo(info3, &in->base, &info3->base);
 	if (!NT_STATUS_IS_OK(status)) {
-		TALLOC_FREE(info3);
-		return NULL;
+		goto out;
 	}
 
-	if (orig->sidcount) {
-		info3->sidcount = orig->sidcount;
+	if (in->sidcount) {
+		info3->sidcount = in->sidcount;
 		info3->sids = talloc_array(info3, struct netr_SidAttr,
-					   orig->sidcount);
-		RET_NOMEM(info3->sids);
-		for (i = 0; i < orig->sidcount; i++) {
+					   in->sidcount);
+		if (info3->sids == NULL) {
+			status = NT_STATUS_NO_MEMORY;
+			goto out;
+		}
+
+		for (i = 0; i < in->sidcount; i++) {
 			info3->sids[i].sid = dom_sid_dup(info3->sids,
-							    orig->sids[i].sid);
-			RET_NOMEM(info3->sids[i].sid);
-			info3->sids[i].attributes =
-				orig->sids[i].attributes;
+							 in->sids[i].sid);
+			if (info3->sids[i].sid == NULL) {
+				status = NT_STATUS_NO_MEMORY;
+				goto out;
+			}
+			info3->sids[i].attributes = in->sids[i].attributes;
 		}
 	}
 
-	return info3;
+	*pout = info3;
+	info3 = NULL;
+
+	status = NT_STATUS_OK;
+out:
+	TALLOC_FREE(info3);
+	return status;
 }
 
 NTSTATUS map_validation_to_info3(TALLOC_CTX *mem_ctx,
@@ -108,7 +115,7 @@ NTSTATUS map_validation_to_info3(TALLOC_CTX *mem_ctx,
 				 union netr_Validation *validation,
 				 struct netr_SamInfo3 **info3_p)
 {
-	struct netr_SamInfo3 *info3;
+	struct netr_SamInfo3 *info3 = NULL;
 	struct netr_SamInfo6 *info6 = NULL;
 	NTSTATUS status;
 
@@ -122,10 +129,13 @@ NTSTATUS map_validation_to_info3(TALLOC_CTX *mem_ctx,
 			return NT_STATUS_INVALID_PARAMETER;
 		}
 
-		info3 = copy_netr_SamInfo3(mem_ctx, validation->sam3);
-		if (info3 == NULL) {
-			return NT_STATUS_NO_MEMORY;
+		status = copy_netr_SamInfo3(mem_ctx,
+					    validation->sam3,
+					    &info3);
+		if (!NT_STATUS_IS_OK(status)) {
+			return status;
 		}
+
 		break;
 	case 6:
 		if (validation->sam6 == NULL) {
@@ -186,16 +196,18 @@ NTSTATUS map_info3_to_validation(TALLOC_CTX *mem_ctx,
 				 union netr_Validation **_validation)
 {
 	union netr_Validation *validation = NULL;
+	NTSTATUS status;
 
 	validation = talloc_zero(mem_ctx, union netr_Validation);
 	if (validation == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	validation->sam3 = copy_netr_SamInfo3(mem_ctx, info3);
-	if (validation->sam3 == NULL) {
-		TALLOC_FREE(validation);
-		return NT_STATUS_NO_MEMORY;
+	status = copy_netr_SamInfo3(mem_ctx,
+				    info3,
+				    &validation->sam3);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
 	}
 
 	* _validation_level = 3;
diff --git a/source3/rpc_client/util_netlogon.h b/source3/rpc_client/util_netlogon.h
index 80c7bff..8b3a372 100644
--- a/source3/rpc_client/util_netlogon.h
+++ b/source3/rpc_client/util_netlogon.h
@@ -25,8 +25,9 @@
 NTSTATUS copy_netr_SamBaseInfo(TALLOC_CTX *mem_ctx,
 			       const struct netr_SamBaseInfo *in,
 			       struct netr_SamBaseInfo *out);
-struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
-					 const struct netr_SamInfo3 *orig);
+NTSTATUS copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
+			    const struct netr_SamInfo3 *in,
+			    struct netr_SamInfo3 **pout);
 NTSTATUS map_validation_to_info3(TALLOC_CTX *mem_ctx,
 				 uint16_t validation_level,
 				 union netr_Validation *validation,
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index de3e3f5..9a61cd3 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -56,16 +56,17 @@ static NTSTATUS append_info3_as_txt(TALLOC_CTX *mem_ctx,
 				    union netr_Validation *validation)
 {
 	struct netr_SamInfo3 *info3 = NULL;
-	char *ex;
+	char *ex = NULL;
 	uint32_t i;
-	NTSTATUS status;
+	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+	TALLOC_CTX *frame = talloc_stackframe();
 
-	status = map_validation_to_info3(talloc_tos(),
+	status = map_validation_to_info3(frame,
 					 validation_level,
 					 validation,
 					 &info3);
 	if (!NT_STATUS_IS_OK(status)) {
-		return status;
+		goto out;
 	}
 
 	resp->data.auth.info3.logon_time =
@@ -120,10 +121,10 @@ static NTSTATUS append_info3_as_txt(TALLOC_CTX *mem_ctx,
 			validation->sam6->principal_name.string);
 	}
 
-	ex = talloc_strdup(mem_ctx, "");
+	ex = talloc_strdup(frame, "");
 	if (ex == NULL) {
-		TALLOC_FREE(info3);
-		return NT_STATUS_NO_MEMORY;
+		status = NT_STATUS_NO_MEMORY;
+		goto out;
 	}
 
 	for (i=0; i < info3->base.groups.count; i++) {
@@ -131,36 +132,36 @@ static NTSTATUS append_info3_as_txt(TALLOC_CTX *mem_ctx,
 						   info3->base.groups.rids[i].rid,
 						   info3->base.groups.rids[i].attributes);
 		if (ex == NULL) {
-			TALLOC_FREE(info3);
-			return NT_STATUS_NO_MEMORY;
+			status = NT_STATUS_NO_MEMORY;
+			goto out;
 		}
 	}
 
 	for (i=0; i < info3->sidcount; i++) {
 		char *sid;
 
-		sid = dom_sid_string(mem_ctx, info3->sids[i].sid);
+		sid = dom_sid_string(frame, info3->sids[i].sid);
 		if (sid == NULL) {
-			TALLOC_FREE(info3);
-			return NT_STATUS_NO_MEMORY;
+			status = NT_STATUS_NO_MEMORY;
+			goto out;
 		}
 
 		ex = talloc_asprintf_append_buffer(ex, "%s:0x%08X\n",
 						   sid,
 						   info3->sids[i].attributes);
 		if (ex == NULL) {
-			TALLOC_FREE(info3);
-			return NT_STATUS_NO_MEMORY;
+			status = NT_STATUS_NO_MEMORY;
+			goto out;
 		}
-
-		talloc_free(sid);
 	}
 
-	resp->extra_data.data = ex;
 	resp->length += talloc_get_size(ex);
+	resp->extra_data.data = talloc_move(mem_ctx, &ex);
 
-	TALLOC_FREE(info3);
-	return NT_STATUS_OK;
+	status = NT_STATUS_OK;
+out:
+	TALLOC_FREE(frame);
+	return status;
 }
 
 static NTSTATUS append_info3_as_ndr(TALLOC_CTX *mem_ctx,
@@ -889,14 +890,14 @@ NTSTATUS append_auth_data(TALLOC_CTX *mem_ctx,
 			  const char *name_user)
 {
 	struct netr_SamInfo3 *info3 = NULL;
-	NTSTATUS result;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 
 	result = map_validation_to_info3(talloc_tos(),
 					 validation_level,
 					 validation,
 					 &info3);
 	if (!NT_STATUS_IS_OK(result)) {
-		return result;
+		goto out;
 	}
 
 	if (request_flags & WBFLAG_PAM_USER_SESSION_KEY) {
@@ -919,8 +920,7 @@ NTSTATUS append_auth_data(TALLOC_CTX *mem_ctx,
 		if (!NT_STATUS_IS_OK(result)) {
 			DEBUG(10,("Failed to append Unix Username: %s\n",
 				nt_errstr(result)));
-			TALLOC_FREE(info3);
-			return result;
+			goto out;
 		}
 	}
 
@@ -931,8 +931,7 @@ NTSTATUS append_auth_data(TALLOC_CTX *mem_ctx,
 		if (!NT_STATUS_IS_OK(result)) {
 			DEBUG(10,("Failed to append INFO3 (NDR): %s\n",
 				nt_errstr(result)));
-			TALLOC_FREE(info3);
-			return result;
+			goto out;
 		}
 	}
 
@@ -943,8 +942,7 @@ NTSTATUS append_auth_data(TALLOC_CTX *mem_ctx,
 		if (!NT_STATUS_IS_OK(result)) {
 			DEBUG(10,("Failed to append INFO3 (TXT): %s\n",
 				nt_errstr(result)));
-			TALLOC_FREE(info3);
-			return result;
+			goto out;
 		}
 	}
 
@@ -954,13 +952,14 @@ NTSTATUS append_auth_data(TALLOC_CTX *mem_ctx,
 		if (!NT_STATUS_IS_OK(result)) {
 			DEBUG(10,("Failed to append AFS token: %s\n",
 				nt_errstr(result)));
-			TALLOC_FREE(info3);
-			return result;
+			goto out;
 		}
 	}
 
+	result = NT_STATUS_OK;
+out:
 	TALLOC_FREE(info3);
-	return NT_STATUS_OK;
+	return result;
 }
 
 static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
@@ -1683,22 +1682,24 @@ static NTSTATUS winbindd_dual_pam_auth_samlogon(
 			true, /* interactive */
 			&authoritative,
 			&info3);
-		if (NT_STATUS_IS_OK(result)) {
-			result = map_info3_to_validation(mem_ctx,
-							 info3,
-							 &validation_level,
-							 &validation);
-			TALLOC_FREE(info3);
-			if (!NT_STATUS_IS_OK(result)) {
-				goto done;
-			}
-		}
 
 		/*
 		 * We need to try the remote NETLOGON server if this is
 		 * not authoritative (for example on the RODC).
 		 */
 		if (authoritative != 0) {
+			if (NT_STATUS_IS_OK(result)) {
+				result = map_info3_to_validation(
+						mem_ctx,
+						info3,
+						&validation_level,
+						&validation);
+				TALLOC_FREE(info3);
+				if (!NT_STATUS_IS_OK(result)) {
+					goto done;
+				}
+			}
+
 			goto done;
 		}
 	}
@@ -2915,10 +2916,11 @@ NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
 			 * returning a copy talloc'ed off
 			 * the state->mem_ctx.
 			 */
-			info3_copy = copy_netr_SamInfo3(state->mem_ctx,
-					&logon_info->info3);
-			if (info3_copy == NULL) {
-				return NT_STATUS_NO_MEMORY;
+			result = copy_netr_SamInfo3(state->mem_ctx,
+						    &logon_info->info3,
+						    &info3_copy);
+			if (!NT_STATUS_IS_OK(result)) {
+				return result;
 			}
 		}
 	}


-- 
Samba Shared Repository



More information about the samba-cvs mailing list