From 4438a33e0e3621e9b178620ba0e543069bf85012 Mon Sep 17 00:00:00 2001 |
From: Andreas Schneider <asn@samba.org> |
Date: Wed, 19 Aug 2015 16:11:47 +0200 |
Subject: [PATCH 1/3] s3-auth: Fix 'map to guest = Bad Uid' support |
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862 |
|
Signed-off-by: Andreas Schneider <asn@samba.org> |
Reviewed-by: Guenther Deschner <gd@samba.org> |
(cherry picked from commit 34965d4d98d172e848e2b96fad8a9e0b99288ba7) |
--- |
source3/auth/auth_util.c | 8 ++++++++ |
1 file changed, 8 insertions(+) |
|
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c |
index 1c2cf80..dcf173d 100644 |
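--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1397,6 +1397,14 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 &username_was_mapped);
 
 if (!NT_STATUS_IS_OK(nt_status)) {
+ /* Handle 'map to guest = Bad Uid */
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) &&
+ (lp_security() == SEC_ADS || lp_security() == SEC_DOMAIN) &&
+ lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) {
+ DEBUG(2, ("Try to map %s to guest account",
+ nt_username));
+ return make_server_info_guest(mem_ctx, server_info);
+ }
 return nt_status;
 }
 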
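Review bot: The added `DEBUG(2, ...)` message has no trailing newline, so the guest-mapping log entry will run into whatever is logged next; it should read `DEBUG(2, ("Try to map %s to guest account\n", nt_username));`. The comment above it also drops its closing quote (`/* Handle 'map to guest = Bad Uid' */`). Because this branch hands out a guest session for an account that check_account() could not resolve locally, the comment would be more useful if it stated that precondition, and level 2 may be too quiet for an event operators will want to audit. make_server_info_info3() starts and ends outside the hunk.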
-- |
2.5.0 |
|
|
From e0cfca754ed1c540f3b8a5adcea3bd85aac74930 Mon Sep 17 00:00:00 2001 |
From: Andreas Schneider <asn@samba.org> |
Date: Wed, 19 Aug 2015 16:24:08 +0200 |
Subject: [PATCH 2/3] s3-auth: Pass nt_username to check_account() |
|
We set nt_username above but do not use it in this function. |
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862 |
|
Signed-off-by: Andreas Schneider <asn@samba.org> |
Reviewed-by: Guenther Deschner <gd@samba.org> |
(cherry picked from commit e8c76932e4ac192a00afa3b9731f5921c4b37da6) |
--- |
source3/auth/auth_util.c | 9 ++++++--- |
1 file changed, 6 insertions(+), 3 deletions(-) |
|
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c |
index dcf173d..688072e 100644 |
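--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1392,9 +1392,12 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 
 /* this call will try to create the user if necessary */
 
- nt_status = check_account(mem_ctx, nt_domain, sent_nt_username,
- &found_username, &pwd,
- &username_was_mapped);
+ nt_status = check_account(mem_ctx,
+ nt_domain,
+ nt_username,
+ &found_username,
+ &pwd,
+ &username_was_mapped);
 
 if (!NT_STATUS_IS_OK(nt_status)) {
 /* Handle 'map to guest = Bad Uid */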
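Review bot: Swapping `sent_nt_username` for `nt_username` in the check_account() call changes which name the local account lookup is keyed on, and neither the call site nor the commit message says so. Judging from the third patch in this series, nt_username is the info3 account name with a fallback to the sent name, so the lookup (and the user creation the existing comment mentions) would now follow the server-supplied name. A one-line comment above the call would record that, e.g. `/* look up the account name returned in info3, not the client-sent one */`. The function body starts and ends outside the hunk.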
-- |
2.5.0 |
|
|
From 2b31b935a824d340876af24568c84bab6d4462cc Mon Sep 17 00:00:00 2001 |
From: Andreas Schneider <asn@samba.org> |
Date: Wed, 19 Aug 2015 16:19:30 +0200 |
Subject: [PATCH 3/3] s3-auth: Fix a memory leak in make_server_info_info3() |
|
We call make_server_info(NULL) and it is possible that we do not free |
it, because server_info is not allocated on the memory context we pass |
to the function. |
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862 |
|
Signed-off-by: Andreas Schneider <asn@samba.org> |
Reviewed-by: Guenther Deschner <gd@samba.org> |
(cherry picked from commit 6363c0232c2238e1a782e9c22ef762e3ff9b7563) |
--- |
source3/auth/auth_util.c | 35 +++++++++++++++++++++++------------ |
1 file changed, 23 insertions(+), 12 deletions(-) |
|
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c |
index 688072e..2b355e4 100644 |
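--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1349,6 +1349,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 bool username_was_mapped;
 struct passwd *pwd;
 struct auth_serversupplied_info *result;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
 
 /*
 Here is where we should check the list of
@@ -1357,15 +1358,17 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 */
 
 if (!sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
 }
 
 if (!sid_compose(&group_sid, info3->base.domain_sid,
 info3->base.primary_gid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
 }
 
- nt_username = talloc_strdup(mem_ctx, info3->base.account_name.string);
+ nt_username = talloc_strdup(tmp_ctx, info3->base.account_name.string);
 if (!nt_username) {
 /* If the server didn't give us one, just use the one we sent
 * them */
@@ -1392,7 +1395,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 
 /* this call will try to create the user if necessary */
 
- nt_status = check_account(mem_ctx,
+ nt_status = check_account(tmp_ctx,
 nt_domain,
 nt_username,
 &found_username,
@@ -1406,15 +1409,19 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) {
 DEBUG(2, ("Try to map %s to guest account",
 nt_username));
- return make_server_info_guest(mem_ctx, server_info);
+ nt_status = make_server_info_guest(tmp_ctx, &result);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ *server_info = talloc_move(mem_ctx, &result);
+ }
 }
- return nt_status;
+ goto out;
 }
 
- result = make_server_info(NULL);
+ result = make_server_info(tmp_ctx);
 if (result == NULL) {
 DEBUG(4, ("make_server_info failed!\n"));
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
 }
 
 result->unix_name = talloc_strdup(result, found_username);
@@ -1422,8 +1429,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 /* copy in the info3 */
 result->info3 = copy_netr_SamInfo3(result, info3);
 if (result->info3 == NULL) {
- TALLOC_FREE(result);
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
 }
 
 /* Fill in the unix info we found on the way */
@@ -1453,9 +1460,13 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 
 result->guest = (info3->base.user_flags & NETLOGON_GUEST);
 
- *server_info = result;
+ *server_info = talloc_move(mem_ctx, &result);
 
- return NT_STATUS_OK;
+ nt_status = NT_STATUS_OK;
+out:
+ talloc_free(tmp_ctx);
+
+ return nt_status;
 }
 
 /*****************************************************************************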
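Review bot: The new `out:` label only closes the leak if every exit from make_server_info_info3() reaches it, and the stretches between the hunks are not shown here, so any `return` left in them would skip `talloc_free(tmp_ctx)` and leave the stackframe behind. It is worth confirming that, and also that no remaining `mem_ctx` allocation in those lines should have moved to `tmp_ctx` the way `nt_username` did. A comment at the declaration would document the ownership rule the function now relies on, e.g. `/* scratch frame: result lives here until talloc_move() hands it to mem_ctx */`. Using `TALLOC_FREE(tmp_ctx);` at `out:` would match the macro the removed cleanup line used.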
-- |
2.5.0 |
|