The branch, v4-2-test has been updated
via 08bbbbc s3-util: Compare the maximum allowed length of a NetBIOS
name
via f2a2ac4 s3-auth: Fix a memory leak in make_server_info_info3()
via 175e73d s3-auth: Pass nt_username to check_account()
via 281bd2f s3-auth: Fix 'map to guest = Bad Uid' support
from 7e43c43 s3: winbindd: Fix TALLOC_FREE of uninitialized groups
variable.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -----------------------------------------------------------------
commit 08bbbbc87f7dd2b9f09b85ca7e361046095d2fb5
Author: Roel van Meer <r...@1afa.com>
Date: Tue Aug 4 16:50:43 2015 +0200
s3-util: Compare the maximum allowed length of a NetBIOS name
This fixes a problem where is_myname() returns true if one of our names
is a substring of the specified name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11427
Reviewed-by: Jeremy Allison <j...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
(cherry picked from commit 4e178ed498c594ffcd5592d0b792d47b064b9586)
Autobuild-User(v4-2-test): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(v4-2-test): Mon Aug 31 12:33:42 CEST 2015 on sn-devel-104
commit f2a2ac4bd9621d2d11e0945fad6143aeaa92536f
Author: Andreas Schneider <a...@samba.org>
Date: Wed Aug 19 16:19:30 2015 +0200
s3-auth: Fix a memory leak in make_server_info_info3()
We call make_server_info(NULL) and it is possible that we do not free
it, because server_info is not allocated on the memory context we pass
to the function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
(cherry picked from commit 6363c0232c2238e1a782e9c22ef762e3ff9b7563)
commit 175e73d006b9166e8edfde1d963ff6d023463d81
Author: Andreas Schneider <a...@samba.org>
Date: Wed Aug 19 16:24:08 2015 +0200
s3-auth: Pass nt_username to check_account()
We set nt_username above but do not use it in this function.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
(cherry picked from commit e8c76932e4ac192a00afa3b9731f5921c4b37da6)
commit 281bd2fb84fed3965d1201050d7b6cc7338c5fdb
Author: Andreas Schneider <a...@samba.org>
Date: Wed Aug 19 16:11:47 2015 +0200
s3-auth: Fix 'map to guest = Bad Uid' support
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9862
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Guenther Deschner <g...@samba.org>
(cherry picked from commit 34965d4d98d172e848e2b96fad8a9e0b99288ba7)
-----------------------------------------------------------------------
Summary of changes:
source3/auth/auth_util.c | 48 +++++++++++++++++++++++++++++++++++-------------
source3/lib/util.c | 2 +-
2 files changed, 36 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1c2cf80..2b355e4 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1349,6 +1349,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
bool username_was_mapped;
struct passwd *pwd;
struct auth_serversupplied_info *result;
+ TALLOC_CTX *tmp_ctx = talloc_stackframe();
/*
Here is where we should check the list of
@@ -1357,15 +1358,17 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
*/
if (!sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
if (!sid_compose(&group_sid, info3->base.domain_sid,
info3->base.primary_gid)) {
- return NT_STATUS_INVALID_PARAMETER;
+ nt_status = NT_STATUS_INVALID_PARAMETER;
+ goto out;
}
- nt_username = talloc_strdup(mem_ctx, info3->base.account_name.string);
+ nt_username = talloc_strdup(tmp_ctx, info3->base.account_name.string);
if (!nt_username) {
/* If the server didn't give us one, just use the one we sent
* them */
@@ -1392,18 +1395,33 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
/* this call will try to create the user if necessary */
- nt_status = check_account(mem_ctx, nt_domain, sent_nt_username,
- &found_username, &pwd,
- &username_was_mapped);
+ nt_status = check_account(tmp_ctx,
+ nt_domain,
+ nt_username,
+ &found_username,
+ &pwd,
+ &username_was_mapped);
if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
+ /* Handle 'map to guest = Bad Uid */
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) &&
+ (lp_security() == SEC_ADS || lp_security() == SEC_DOMAIN) &&
+ lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) {
+ DEBUG(2, ("Try to map %s to guest account",
+ nt_username));
+ nt_status = make_server_info_guest(tmp_ctx, &result);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ *server_info = talloc_move(mem_ctx, &result);
+ }
+ }
+ goto out;
}
- result = make_server_info(NULL);
+ result = make_server_info(tmp_ctx);
if (result == NULL) {
DEBUG(4, ("make_server_info failed!\n"));
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
}
result->unix_name = talloc_strdup(result, found_username);
@@ -1411,8 +1429,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
/* copy in the info3 */
result->info3 = copy_netr_SamInfo3(result, info3);
if (result->info3 == NULL) {
- TALLOC_FREE(result);
- return NT_STATUS_NO_MEMORY;
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto out;
}
/* Fill in the unix info we found on the way */
@@ -1442,9 +1460,13 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
result->guest = (info3->base.user_flags & NETLOGON_GUEST);
- *server_info = result;
+ *server_info = talloc_move(mem_ctx, &result);
- return NT_STATUS_OK;
+ nt_status = NT_STATUS_OK;
+out:
+ talloc_free(tmp_ctx);
+
+ return nt_status;
}
/*****************************************************************************
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 03c0d3e..087ea6d 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -1197,7 +1197,7 @@ bool is_myname(const char *s)
for (n=0; my_netbios_names(n); n++) {
const char *nbt_name = my_netbios_names(n);
- if (strncasecmp_m(nbt_name, s, strlen(nbt_name)) == 0) {
+ if (strncasecmp_m(nbt_name, s, MAX_NETBIOSNAME_LEN-1) == 0) {
ret=True;
break;
}
--
Samba Shared Repository
