From 4438a33e0e3621e9b178620ba0e543069bf85012 Mon Sep 17 00:00:00 2001 |
From: Andreas Schneider <asn@samba.org> |
Date: Wed, 19 Aug 2015 16:11:47 +0200 |
Subject: [PATCH 1/3] s3-auth: Fix 'map to guest = Bad Uid' support |
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862 |
|
Signed-off-by: Andreas Schneider <asn@samba.org> |
Reviewed-by: Guenther Deschner <gd@samba.org> |
(cherry picked from commit 34965d4d98d172e848e2b96fad8a9e0b99288ba7) |
--- |
source3/auth/auth_util.c | 8 ++++++++ |
1 file changed, 8 insertions(+) |
|
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c |
index 1c2cf80..dcf173d 100644 |
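--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1397,6 +1397,14 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 &username_was_mapped);
 
 if (!NT_STATUS_IS_OK(nt_status)) {
+ /* Handle 'map to guest = Bad Uid */
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) &&
+ (lp_security() == SEC_ADS || lp_security() == SEC_DOMAIN) &&
+ lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) {
+ DEBUG(2, ("Try to map %s to guest account",
+ nt_username));
+ return make_server_info_guest(mem_ctx, server_info);
+ }
 return nt_status;
 }
 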
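Review bot: The `DEBUG(2, ...)` message in the new guest-mapping branch has no trailing newline, unlike the other DEBUG call visible in this function (`"make_server_info failed!\n"`, shown in patch 3/3). This is the only log line recording that a domain account with no local mapping was given a guest session, and without the newline it runs into the next entry. I would write it as `DEBUG(2, ("Try to map %s to guest account\n", nt_username));`. The comment above it has an unbalanced quote and would read better as `/* Handle 'map to guest = Bad Uid' */`. make_server_info_info3() starts and ends outside this hunk.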
-- |
2.5.0 |
|
|
From e0cfca754ed1c540f3b8a5adcea3bd85aac74930 Mon Sep 17 00:00:00 2001 |
From: Andreas Schneider <asn@samba.org> |
Date: Wed, 19 Aug 2015 16:24:08 +0200 |
Subject: [PATCH 2/3] s3-auth: Pass nt_username to check_account() |
|
We set nt_username above but do not use it in this function. |
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862 |
|
Signed-off-by: Andreas Schneider <asn@samba.org> |
Reviewed-by: Guenther Deschner <gd@samba.org> |
(cherry picked from commit e8c76932e4ac192a00afa3b9731f5921c4b37da6) |
--- |
source3/auth/auth_util.c | 9 ++++++--- |
1 file changed, 6 insertions(+), 3 deletions(-) |
|
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c |
index dcf173d..688072e 100644 |
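--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1392,9 +1392,12 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 
 /* this call will try to create the user if necessary */
 
- nt_status = check_account(mem_ctx, nt_domain, sent_nt_username,
- &found_username, &pwd,
- &username_was_mapped);
+ nt_status = check_account(mem_ctx,
+ nt_domain,
+ nt_username,
+ &found_username,
+ &pwd,
+ &username_was_mapped);
 
 if (!NT_STATUS_IS_OK(nt_status)) {
 /* Handle 'map to guest = Bad Uid */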
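Review bot: The comment kept above the call, `/* this call will try to create the user if necessary */`, does not say which name drives the lookup, and that name now appears to come from the info3 reply rather than from what the client sent. A line such as `/* nt_username is the account name from info3, or the name we sent if the server gave none */` before `check_account(` would record which identity the local account is resolved from. The fallback assignment is only partly visible, in the context lines of patch 3/3, so the wording should be confirmed against the code above this hunk. It is also worth checking whether `sent_nt_username` still has any use besides that fallback. The body of make_server_info_info3() extends beyond the hunk on both sides.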
-- |
2.5.0 |
|
|
From 2b31b935a824d340876af24568c84bab6d4462cc Mon Sep 17 00:00:00 2001 |
From: Andreas Schneider <asn@samba.org> |
Date: Wed, 19 Aug 2015 16:19:30 +0200 |
Subject: [PATCH 3/3] s3-auth: Fix a memory leak in make_server_info_info3() |
|
We call make_server_info(NULL) and it is possible that we do not free |
it, because server_info is not allocated on the memory context we pass |
to the function. |
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862 |
|
Signed-off-by: Andreas Schneider <asn@samba.org> |
Reviewed-by: Guenther Deschner <gd@samba.org> |
(cherry picked from commit 6363c0232c2238e1a782e9c22ef762e3ff9b7563) |
--- |
source3/auth/auth_util.c | 35 +++++++++++++++++++++++------------ |
1 file changed, 23 insertions(+), 12 deletions(-) |
|
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c |
index 688072e..2b355e4 100644 |
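--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1349,6 +1349,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 bool username_was_mapped;
 struct passwd *pwd;
 struct auth_serversupplied_info *result;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
 
 /*
 Here is where we should check the list of
@@ -1357,15 +1358,17 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 */
 
 if (!sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
 }
 
 if (!sid_compose(&group_sid, info3->base.domain_sid,
 info3->base.primary_gid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
 }
 
- nt_username = talloc_strdup(mem_ctx, info3->base.account_name.string);
+ nt_username = talloc_strdup(tmp_ctx, info3->base.account_name.string);
 if (!nt_username) {
 /* If the server didn't give us one, just use the one we sent
 * them */
@@ -1392,7 +1395,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 
 /* this call will try to create the user if necessary */
 
- nt_status = check_account(mem_ctx,
+ nt_status = check_account(tmp_ctx,
 nt_domain,
 nt_username,
 &found_username,
@@ -1406,15 +1409,19 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) {
 DEBUG(2, ("Try to map %s to guest account",
 nt_username));
- return make_server_info_guest(mem_ctx, server_info);
+ nt_status = make_server_info_guest(tmp_ctx, &result);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ *server_info = talloc_move(mem_ctx, &result);
+ }
 }
- return nt_status;
+ goto out;
 }
 
- result = make_server_info(NULL);
+ result = make_server_info(tmp_ctx);
 if (result == NULL) {
 DEBUG(4, ("make_server_info failed!\n"));
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
 }
 
 result->unix_name = talloc_strdup(result, found_username);
@@ -1422,8 +1429,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 /* copy in the info3 */
 result->info3 = copy_netr_SamInfo3(result, info3);
 if (result->info3 == NULL) {
- TALLOC_FREE(result);
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
 }
 
 /* Fill in the unix info we found on the way */
@@ -1453,9 +1460,13 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 
 result->guest = (info3->base.user_flags & NETLOGON_GUEST);
 
- *server_info = talloc_move(mem_ctx, &result);
+ *server_info = talloc_move(mem_ctx, &result);
 
- return NT_STATUS_OK;
+ nt_status = NT_STATUS_OK;
+out:
+ talloc_free(tmp_ctx);
+
+ return nt_status;
 }
 
 /*****************************************************************************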
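Review bot: Once `tmp_ctx = talloc_stackframe()` is created in the declarations, every exit from make_server_info_info3() has to pass through `out:`, but the hunks skip the stretches between them, so any `return` left in those unshown lines would bypass `talloc_free(tmp_ctx)`. A comment on the declaration, for example `/* every exit must go through 'out' so this frame is released */`, would make that rule explicit for later edits to this authentication path. The two `talloc_move(mem_ctx, &result)` calls are now the only thing keeping `result` alive past `out:`, which deserves a short comment such as `/* hand ownership to the caller's context before tmp_ctx is freed */`. For consistency with the `TALLOC_FREE(result)` this patch removes, the cleanup could be written `TALLOC_FREE(tmp_ctx);`.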
-- |
2.5.0 |
|