]> git.ipfire.org Git - ipfire-2.x.git/blob - src/patches/samba/samba-3.6.99-fix_force_user_with_security_ads.patch
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'origin/master' into next
[ipfire-2.x.git] / src / patches / samba / samba-3.6.99-fix_force_user_with_security_ads.patch
1 From 77942b3569d379a097b2f7c58203d0379fd80ddc Mon Sep 17 00:00:00 2001
2 From: Andreas Schneider <asn@samba.org>
3 Date: Mon, 16 Dec 2013 12:57:20 +0100
4 Subject: [PATCH 1/6] s3-lib: Add winbind_lookup_usersids().
5
6 Pair-Programmed-With: Guenther Deschner <gd@samba.org>
7 Signed-off-by: Guenther Deschner <gd@samba.org>
8 Signed-off-by: Andreas Schneider <asn@samba.org>
9 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
10 ---
11 source3/lib/winbind_util.c | 34 ++++++++++++++++++++++++++++++++++
12 source3/lib/winbind_util.h | 4 ++++
13 2 files changed, 38 insertions(+)
14
15 diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c
16 index f30bcfc..758fe73 100644
17 --- a/source3/lib/winbind_util.c
18 +++ b/source3/lib/winbind_util.c
19 @@ -342,6 +342,40 @@ bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
20 return true;
21 }
22
23 +bool winbind_lookup_usersids(TALLOC_CTX *mem_ctx,
24 + const struct dom_sid *user_sid,
25 + uint32_t *p_num_sids,
26 + struct dom_sid **p_sids)
27 +{
28 + wbcErr ret;
29 + struct wbcDomainSid dom_sid;
30 + struct wbcDomainSid *sid_list = NULL;
31 + uint32_t num_sids;
32 +
33 + memcpy(&dom_sid, user_sid, sizeof(dom_sid));
34 +
35 + ret = wbcLookupUserSids(&dom_sid,
36 + false,
37 + &num_sids,
38 + &sid_list);
39 + if (ret != WBC_ERR_SUCCESS) {
40 + return false;
41 + }
42 +
43 + *p_sids = talloc_array(mem_ctx, struct dom_sid, num_sids);
44 + if (*p_sids == NULL) {
45 + wbcFreeMemory(sid_list);
46 + return false;
47 + }
48 +
49 + memcpy(*p_sids, sid_list, sizeof(dom_sid) * num_sids);
50 +
51 + *p_num_sids = num_sids;
52 + wbcFreeMemory(sid_list);
53 +
54 + return true;
55 +}
56 +
57 #else /* WITH_WINBIND */
58
59 struct passwd * winbind_getpwnam(const char * name)
60 diff --git a/source3/lib/winbind_util.h b/source3/lib/winbind_util.h
61 index 541bb95..abbc5a9 100644
62 --- a/source3/lib/winbind_util.h
63 +++ b/source3/lib/winbind_util.h
64 @@ -58,5 +58,9 @@ bool winbind_get_sid_aliases(TALLOC_CTX *mem_ctx,
65 size_t num_members,
66 uint32_t **pp_alias_rids,
67 size_t *p_num_alias_rids);
68 +bool winbind_lookup_usersids(TALLOC_CTX *mem_ctx,
69 + const struct dom_sid *user_sid,
70 + uint32_t *p_num_sids,
71 + struct dom_sid **p_sids);
72
73 #endif /* __LIB__WINBIND_UTIL_H__ */
74 --
75 1.8.5.3
76
77
78 From a776571e344110b89340f5008bed869763aa4dff Mon Sep 17 00:00:00 2001
79 From: Andreas Schneider <asn@samba.org>
80 Date: Fri, 13 Dec 2013 19:08:34 +0100
81 Subject: [PATCH 2/6] s3-auth: Add passwd_to_SamInfo3().
82
83 First this function tries to contacts winbind if the user is a domain
84 user to get valid information about it. If winbind isn't running it will
85 try to create everything from the passwd struct. This is not always
86 reliable but works in most cases. It improves the current situation
87 which doesn't talk to winbind at all.
88
89 Pair-Programmed-With: Guenther Deschner <gd@samba.org>
90 Signed-off-by: Guenther Deschner <gd@samba.org>
91 Signed-off-by: Andreas Schneider <asn@samba.org>
92 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
93 ---
94 source3/auth/proto.h | 4 ++
95 source3/auth/server_info.c | 116 +++++++++++++++++++++++++++++++++++++++++++++
96 2 files changed, 120 insertions(+)
97
98 diff --git a/source3/auth/proto.h b/source3/auth/proto.h
99 index 3d1fa06..c5a9647 100644
100 --- a/source3/auth/proto.h
101 +++ b/source3/auth/proto.h
102 @@ -225,6 +225,10 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
103 const char *login_server,
104 struct netr_SamInfo3 **_info3,
105 struct extra_auth_info *extra);
106 +NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
107 + const char *unix_username,
108 + const struct passwd *pwd,
109 + struct netr_SamInfo3 **pinfo3);
110 struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
111 struct netr_SamInfo3 *orig);
112 struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
113 diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
114 index 90b3ed6..32ffd3a 100644
115 --- a/source3/auth/server_info.c
116 +++ b/source3/auth/server_info.c
117 @@ -24,6 +24,7 @@
118 #include "../libcli/security/security.h"
119 #include "rpc_client/util_netlogon.h"
120 #include "nsswitch/libwbclient/wbclient.h"
121 +#include "lib/winbind_util.h"
122 #include "passdb.h"
123
124 #undef DBGC_CLASS
125 @@ -476,6 +477,121 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
126 return NT_STATUS_OK;
127 }
128
129 +NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
130 + const char *unix_username,
131 + const struct passwd *pwd,
132 + struct netr_SamInfo3 **pinfo3)
133 +{
134 + struct netr_SamInfo3 *info3;
135 + NTSTATUS status;
136 + TALLOC_CTX *tmp_ctx;
137 + const char *domain_name = NULL;
138 + const char *user_name = NULL;
139 + struct dom_sid domain_sid;
140 + struct dom_sid user_sid;
141 + struct dom_sid group_sid;
142 + enum lsa_SidType type;
143 + uint32_t num_sids = 0;
144 + struct dom_sid *user_sids = NULL;
145 + bool ok;
146 +
147 + tmp_ctx = talloc_stackframe();
148 +
149 + ok = lookup_name_smbconf(tmp_ctx,
150 + unix_username,
151 + LOOKUP_NAME_ALL,
152 + &domain_name,
153 + &user_name,
154 + &user_sid,
155 + &type);
156 + if (!ok) {
157 + status = NT_STATUS_NO_SUCH_USER;
158 + goto done;
159 + }
160 +
161 + if (type != SID_NAME_USER) {
162 + status = NT_STATUS_NO_SUCH_USER;
163 + goto done;
164 + }
165 +
166 + ok = winbind_lookup_usersids(tmp_ctx,
167 + &user_sid,
168 + &num_sids,
169 + &user_sids);
170 + /* Check if winbind is running */
171 + if (ok) {
172 + /*
173 + * Winbind is running and the first element of the user_sids
174 + * is the primary group.
175 + */
176 + if (num_sids > 0) {
177 + group_sid = user_sids[0];
178 + }
179 + } else {
180 + /*
181 + * Winbind is not running, create the group_sid from the
182 + * group id.
183 + */
184 + gid_to_sid(&group_sid, pwd->pw_gid);
185 + }
186 +
187 + /* Make sure we have a valid group sid */
188 + ok = !is_null_sid(&group_sid);
189 + if (!ok) {
190 + status = NT_STATUS_NO_SUCH_USER;
191 + goto done;
192 + }
193 +
194 + /* Construct a netr_SamInfo3 from the information we have */
195 + info3 = talloc_zero(tmp_ctx, struct netr_SamInfo3);
196 + if (!info3) {
197 + status = NT_STATUS_NO_MEMORY;
198 + goto done;
199 + }
200 +
201 + info3->base.account_name.string = talloc_strdup(info3, unix_username);
202 + if (info3->base.account_name.string == NULL) {
203 + status = NT_STATUS_NO_MEMORY;
204 + goto done;
205 + }
206 +
207 + ZERO_STRUCT(domain_sid);
208 +
209 + sid_copy(&domain_sid, &user_sid);
210 + sid_split_rid(&domain_sid, &info3->base.rid);
211 + info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
212 +
213 + ok = sid_peek_check_rid(&domain_sid, &group_sid,
214 + &info3->base.primary_gid);
215 + if (!ok) {
216 + DEBUG(1, ("The primary group domain sid(%s) does not "
217 + "match the domain sid(%s) for %s(%s)\n",
218 + sid_string_dbg(&group_sid),
219 + sid_string_dbg(&domain_sid),
220 + unix_username,
221 + sid_string_dbg(&user_sid)));
222 + status = NT_STATUS_INVALID_SID;
223 + goto done;
224 + }
225 +
226 + info3->base.acct_flags = ACB_NORMAL;
227 +
228 + if (num_sids) {
229 + status = group_sids_to_info3(info3, user_sids, num_sids);
230 + if (!NT_STATUS_IS_OK(status)) {
231 + goto done;
232 + }
233 + }
234 +
235 + *pinfo3 = talloc_steal(mem_ctx, info3);
236 +
237 + status = NT_STATUS_OK;
238 +done:
239 + talloc_free(tmp_ctx);
240 +
241 + return status;
242 +}
243 +
244 #undef RET_NOMEM
245
246 #define RET_NOMEM(ptr) do { \
247 --
248 1.8.5.3
249
250
251 From de5914820e7e8665036411061911a9a5ed06a673 Mon Sep 17 00:00:00 2001
252 From: Andreas Schneider <asn@samba.org>
253 Date: Fri, 13 Dec 2013 19:11:01 +0100
254 Subject: [PATCH 3/6] s3-auth: Pass talloc context to make_server_info_pw().
255
256 Pair-Programmed-With: Guenther Deschner <gd@samba.org>
257 Signed-off-by: Guenther Deschner <gd@samba.org>
258 Signed-off-by: Andreas Schneider <asn@samba.org>
259 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
260 ---
261 source3/auth/auth_server.c | 5 ++++-
262 source3/auth/auth_unix.c | 7 +++++--
263 source3/auth/auth_util.c | 51 ++++++++++++++++++++++++++--------------------
264 source3/auth/proto.h | 9 ++++----
265 source3/auth/user_krb5.c | 2 +-
266 5 files changed, 44 insertions(+), 30 deletions(-)
267
268 diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
269 index fdd7671..969caad 100644
270 --- a/source3/auth/auth_server.c
271 +++ b/source3/auth/auth_server.c
272 @@ -448,7 +448,10 @@ use this machine as the password server.\n"));
273 if ( (pass = smb_getpwnam(talloc_tos(), user_info->mapped.account_name,
274 &real_username, True )) != NULL )
275 {
276 - nt_status = make_server_info_pw(server_info, pass->pw_name, pass);
277 + nt_status = make_server_info_pw(mem_ctx,
278 + pass->pw_name,
279 + pass,
280 + server_info);
281 TALLOC_FREE(pass);
282 TALLOC_FREE(real_username);
283 }
284 diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
285 index 086c39e..d6ef547 100644
286 --- a/source3/auth/auth_unix.c
287 +++ b/source3/auth/auth_unix.c
288 @@ -56,8 +56,11 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context,
289 unbecome_root();
290
291 if (NT_STATUS_IS_OK(nt_status)) {
292 - if (pass) {
293 - make_server_info_pw(server_info, pass->pw_name, pass);
294 + if (pass != NULL) {
295 + nt_status = make_server_info_pw(mem_ctx,
296 + pass->pw_name,
297 + pass,
298 + server_info);
299 } else {
300 /* we need to do somthing more useful here */
301 nt_status = NT_STATUS_NO_SUCH_USER;
302 diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
303 index 288f461..3aa229d 100644
304 --- a/source3/auth/auth_util.c
305 +++ b/source3/auth/auth_util.c
306 @@ -555,14 +555,15 @@ NTSTATUS create_local_token(struct auth_serversupplied_info *server_info)
307 to a struct samu
308 ***************************************************************************/
309
310 -NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info,
311 - char *unix_username,
312 - struct passwd *pwd)
313 +NTSTATUS make_server_info_pw(TALLOC_CTX *mem_ctx,
314 + const char *unix_username,
315 + const struct passwd *pwd,
316 + struct auth_serversupplied_info **server_info)
317 {
318 NTSTATUS status;
319 struct samu *sampass = NULL;
320 char *qualified_name = NULL;
321 - TALLOC_CTX *mem_ctx = NULL;
322 + TALLOC_CTX *tmp_ctx;
323 struct dom_sid u_sid;
324 enum lsa_SidType type;
325 struct auth_serversupplied_info *result;
326 @@ -580,27 +581,27 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info,
327 * plaintext passwords were used with no SAM backend.
328 */
329
330 - mem_ctx = talloc_init("make_server_info_pw_tmp");
331 - if (!mem_ctx) {
332 + tmp_ctx = talloc_stackframe();
333 + if (tmp_ctx == NULL) {
334 return NT_STATUS_NO_MEMORY;
335 }
336
337 - qualified_name = talloc_asprintf(mem_ctx, "%s\\%s",
338 + qualified_name = talloc_asprintf(tmp_ctx, "%s\\%s",
339 unix_users_domain_name(),
340 unix_username );
341 if (!qualified_name) {
342 - TALLOC_FREE(mem_ctx);
343 + TALLOC_FREE(tmp_ctx);
344 return NT_STATUS_NO_MEMORY;
345 }
346
347 - if (!lookup_name(mem_ctx, qualified_name, LOOKUP_NAME_ALL,
348 + if (!lookup_name(tmp_ctx, qualified_name, LOOKUP_NAME_ALL,
349 NULL, NULL,
350 &u_sid, &type)) {
351 - TALLOC_FREE(mem_ctx);
352 + TALLOC_FREE(tmp_ctx);
353 return NT_STATUS_NO_SUCH_USER;
354 }
355
356 - TALLOC_FREE(mem_ctx);
357 + TALLOC_FREE(tmp_ctx);
358
359 if (type != SID_NAME_USER) {
360 return NT_STATUS_NO_SUCH_USER;
361 @@ -623,7 +624,7 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info,
362 /* set the user sid to be the calculated u_sid */
363 pdb_set_user_sid(sampass, &u_sid, PDB_SET);
364
365 - result = make_server_info(NULL);
366 + result = make_server_info(mem_ctx);
367 if (result == NULL) {
368 TALLOC_FREE(sampass);
369 return NT_STATUS_NO_MEMORY;
370 @@ -908,37 +909,43 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx,
371 {
372 struct auth_serversupplied_info *result;
373 struct passwd *pwd;
374 + TALLOC_CTX *tmp_ctx;
375 NTSTATUS status;
376
377 - pwd = Get_Pwnam_alloc(talloc_tos(), username);
378 - if (pwd == NULL) {
379 - return NT_STATUS_NO_SUCH_USER;
380 + tmp_ctx = talloc_stackframe();
381 + if (tmp_ctx == NULL) {
382 + return NT_STATUS_NO_MEMORY;
383 }
384
385 - status = make_server_info_pw(&result, pwd->pw_name, pwd);
386 -
387 - TALLOC_FREE(pwd);
388 + pwd = Get_Pwnam_alloc(tmp_ctx, username);
389 + if (pwd == NULL) {
390 + status = NT_STATUS_NO_SUCH_USER;
391 + goto done;
392 + }
393
394 + status = make_server_info_pw(tmp_ctx, pwd->pw_name, pwd, &result);
395 if (!NT_STATUS_IS_OK(status)) {
396 - return status;
397 + goto done;
398 }
399
400 result->nss_token = true;
401 result->guest = is_guest;
402
403 if (use_guest_token) {
404 - status = make_server_info_guest(mem_ctx, &result);
405 + status = make_server_info_guest(tmp_ctx, &result);
406 } else {
407 status = create_local_token(result);
408 }
409
410 + *presult = talloc_steal(mem_ctx, result);
411 +done:
412 + talloc_free(tmp_ctx);
413 if (!NT_STATUS_IS_OK(status)) {
414 TALLOC_FREE(result);
415 return status;
416 }
417
418 - *presult = talloc_steal(mem_ctx, result);
419 - return NT_STATUS_OK;
420 + return status;
421 }
422
423
424 diff --git a/source3/auth/proto.h b/source3/auth/proto.h
425 index c5a9647..50a27cf 100644
426 --- a/source3/auth/proto.h
427 +++ b/source3/auth/proto.h
428 @@ -144,14 +144,15 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
429 bool user_in_group_sid(const char *username, const struct dom_sid *group_sid);
430 bool user_in_group(const char *username, const char *groupname);
431 struct passwd;
432 -NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info,
433 - char *unix_username,
434 - struct passwd *pwd);
435 +NTSTATUS make_server_info_pw(TALLOC_CTX *mem_ctx,
436 + const char *unix_username,
437 + const struct passwd *pwd,
438 + struct auth_serversupplied_info **server_info);
439 NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx,
440 const char *username,
441 bool use_guest_token,
442 bool is_guest,
443 - struct auth_serversupplied_info **presult);
444 + struct auth_serversupplied_info **session_info);
445 struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx,
446 const struct auth_serversupplied_info *src);
447 bool init_guest_info(void);
448 diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
449 index e52149a..1214b45 100644
450 --- a/source3/auth/user_krb5.c
451 +++ b/source3/auth/user_krb5.c
452 @@ -238,7 +238,7 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx,
453 */
454 DEBUG(10, ("didn't find user %s in passdb, calling "
455 "make_server_info_pw\n", username));
456 - status = make_server_info_pw(&tmp, username, pw);
457 + status = make_server_info_pw(mem_ctx, username, pw, &tmp);
458 }
459 TALLOC_FREE(sampass);
460
461 --
462 1.8.5.3
463
464
465 From 840b5b996a719922a1fdaa5ee2188a4d4c60f345 Mon Sep 17 00:00:00 2001
466 From: Andreas Schneider <asn@samba.org>
467 Date: Fri, 13 Dec 2013 19:19:02 +0100
468 Subject: [PATCH 4/6] s3-auth: Use passwd_to_SamInfo3().
469
470 Correctly lookup users which come from smb.conf. passwd_to_SamInfo3()
471 tries to contact winbind if the user is a domain user to get
472 valid information about it. If winbind isn't running it will try to
473 create everything from the passwd struct. This is not always reliable
474 but works in most cases. It improves the current situation which doesn't
475 talk to winbind at all.
476
477 BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598
478
479 Pair-Programmed-With: Guenther Deschner <gd@samba.org>
480 Signed-off-by: Andreas Schneider <asn@samba.org>
481 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
482
483 Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
484 Autobuild-Date(master): Wed Feb 5 01:40:38 CET 2014 on sn-devel-104
485 ---
486 source3/auth/auth_util.c | 91 +++++++++-------------------------------------
487 source3/auth/server_info.c | 22 ++++++++++-
488 2 files changed, 37 insertions(+), 76 deletions(-)
489
490 diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
491 index 3aa229d..5ffdb25f 100644
492 --- a/source3/auth/auth_util.c
493 +++ b/source3/auth/auth_util.c
494 @@ -561,100 +561,43 @@ NTSTATUS make_server_info_pw(TALLOC_CTX *mem_ctx,
495 struct auth_serversupplied_info **server_info)
496 {
497 NTSTATUS status;
498 - struct samu *sampass = NULL;
499 - char *qualified_name = NULL;
500 - TALLOC_CTX *tmp_ctx;
501 - struct dom_sid u_sid;
502 - enum lsa_SidType type;
503 + TALLOC_CTX *tmp_ctx = NULL;
504 struct auth_serversupplied_info *result;
505
506 - /*
507 - * The SID returned in server_info->sam_account is based
508 - * on our SAM sid even though for a pure UNIX account this should
509 - * not be the case as it doesn't really exist in the SAM db.
510 - * This causes lookups on "[in]valid users" to fail as they
511 - * will lookup this name as a "Unix User" SID to check against
512 - * the user token. Fix this by adding the "Unix User"\unix_username
513 - * SID to the sid array. The correct fix should probably be
514 - * changing the server_info->sam_account user SID to be a
515 - * S-1-22 Unix SID, but this might break old configs where
516 - * plaintext passwords were used with no SAM backend.
517 - */
518 -
519 tmp_ctx = talloc_stackframe();
520 if (tmp_ctx == NULL) {
521 return NT_STATUS_NO_MEMORY;
522 }
523
524 - qualified_name = talloc_asprintf(tmp_ctx, "%s\\%s",
525 - unix_users_domain_name(),
526 - unix_username );
527 - if (!qualified_name) {
528 - TALLOC_FREE(tmp_ctx);
529 - return NT_STATUS_NO_MEMORY;
530 - }
531 -
532 - if (!lookup_name(tmp_ctx, qualified_name, LOOKUP_NAME_ALL,
533 - NULL, NULL,
534 - &u_sid, &type)) {
535 - TALLOC_FREE(tmp_ctx);
536 - return NT_STATUS_NO_SUCH_USER;
537 - }
538 -
539 - TALLOC_FREE(tmp_ctx);
540 -
541 - if (type != SID_NAME_USER) {
542 - return NT_STATUS_NO_SUCH_USER;
543 - }
544 -
545 - if ( !(sampass = samu_new( NULL )) ) {
546 - return NT_STATUS_NO_MEMORY;
547 - }
548 -
549 - status = samu_set_unix( sampass, pwd );
550 - if (!NT_STATUS_IS_OK(status)) {
551 - return status;
552 - }
553 -
554 - /* In pathological cases the above call can set the account
555 - * name to the DOMAIN\username form. Reset the account name
556 - * using unix_username */
557 - pdb_set_username(sampass, unix_username, PDB_SET);
558 -
559 - /* set the user sid to be the calculated u_sid */
560 - pdb_set_user_sid(sampass, &u_sid, PDB_SET);
561 -
562 - result = make_server_info(mem_ctx);
563 + result = make_server_info(tmp_ctx);
564 if (result == NULL) {
565 - TALLOC_FREE(sampass);
566 - return NT_STATUS_NO_MEMORY;
567 + status = NT_STATUS_NO_MEMORY;
568 + goto done;
569 }
570
571 - status = samu_to_SamInfo3(result, sampass, global_myname(),
572 - &result->info3, &result->extra);
573 - TALLOC_FREE(sampass);
574 + status = passwd_to_SamInfo3(result,
575 + unix_username,
576 + pwd,
577 + &result->info3);
578 if (!NT_STATUS_IS_OK(status)) {
579 - DEBUG(10, ("Failed to convert samu to info3: %s\n",
580 - nt_errstr(status)));
581 - TALLOC_FREE(result);
582 - return status;
583 + goto done;
584 }
585
586 result->unix_name = talloc_strdup(result, unix_username);
587 - result->sanitized_username = sanitize_username(result, unix_username);
588 -
589 - if ((result->unix_name == NULL)
590 - || (result->sanitized_username == NULL)) {
591 - TALLOC_FREE(result);
592 - return NT_STATUS_NO_MEMORY;
593 + if (result->unix_name == NULL) {
594 + status = NT_STATUS_NO_MEMORY;
595 + goto done;
596 }
597
598 result->utok.uid = pwd->pw_uid;
599 result->utok.gid = pwd->pw_gid;
600
601 - *server_info = result;
602 + *server_info = talloc_steal(mem_ctx, result);
603 + status = NT_STATUS_OK;
604 +done:
605 + talloc_free(tmp_ctx);
606
607 - return NT_STATUS_OK;
608 + return status;
609 }
610
611 static NTSTATUS get_system_info3(TALLOC_CTX *mem_ctx,
612 diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
613 index 32ffd3a..077bb6b 100644
614 --- a/source3/auth/server_info.c
615 +++ b/source3/auth/server_info.c
616 @@ -529,10 +529,28 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
617 }
618 } else {
619 /*
620 - * Winbind is not running, create the group_sid from the
621 - * group id.
622 + * Winbind is not running, try to create the group_sid from the
623 + * passwd group id.
624 + */
625 +
626 + /*
627 + * This can lead to a primary group of S-1-22-2-XX which
628 + * will be rejected by other Samba code.
629 */
630 gid_to_sid(&group_sid, pwd->pw_gid);
631 +
632 + ZERO_STRUCT(domain_sid);
633 +
634 + /*
635 + * If we are a unix group, set the group_sid to the
636 + * 'Domain Users' RID of 513 which will always resolve to a
637 + * name.
638 + */
639 + if (sid_check_is_in_unix_groups(&group_sid)) {
640 + sid_compose(&group_sid,
641 + get_global_sam_sid(),
642 + DOMAIN_RID_USERS);
643 + }
644 }
645
646 /* Make sure we have a valid group sid */
647 --
648 1.8.5.3
649
650
651 From 7d8da06b8966cfb45ede48ce2be0754fd592ff62 Mon Sep 17 00:00:00 2001
652 From: Andreas Schneider <asn@samba.org>
653 Date: Tue, 18 Feb 2014 10:02:57 +0100
654 Subject: [PATCH 5/6] s3-auth: Pass mem_ctx to make_server_info_sam().
655
656 Coverity-Id: 1168009
657 BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598
658
659 Signed-off-by: Andreas Schneider <asn@samba.org>
660
661 Change-Id: Ie614b0654c3a7eec1ebb10dbb9763696eec795bd
662 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
663
664 (cherry picked from commit 3dc72266005e87a291f5bf9847257e8c54314d39)
665 ---
666 source3/auth/check_samsec.c | 2 +-
667 source3/auth/proto.h | 5 ++--
668 source3/auth/server_info_sam.c | 63 +++++++++++++++++++++++++-----------------
669 source3/auth/user_krb5.c | 12 ++++----
670 4 files changed, 49 insertions(+), 33 deletions(-)
671
672 diff --git a/source3/auth/check_samsec.c b/source3/auth/check_samsec.c
673 index f918dc0..ed30e0d 100644
674 --- a/source3/auth/check_samsec.c
675 +++ b/source3/auth/check_samsec.c
676 @@ -482,7 +482,7 @@ NTSTATUS check_sam_security(const DATA_BLOB *challenge,
677 }
678
679 become_root();
680 - nt_status = make_server_info_sam(server_info, sampass);
681 + nt_status = make_server_info_sam(mem_ctx, sampass, server_info);
682 unbecome_root();
683
684 TALLOC_FREE(sampass);
685 diff --git a/source3/auth/proto.h b/source3/auth/proto.h
686 index 50a27cf..e6830aa 100644
687 --- a/source3/auth/proto.h
688 +++ b/source3/auth/proto.h
689 @@ -133,8 +133,9 @@ NTSTATUS make_user_info_for_reply_enc(struct auth_usersupplied_info **user_info,
690 DATA_BLOB lm_resp, DATA_BLOB nt_resp);
691 bool make_user_info_guest(struct auth_usersupplied_info **user_info) ;
692 struct samu;
693 -NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
694 - struct samu *sampass);
695 +NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
696 + struct samu *sampass,
697 + struct auth_serversupplied_info **pserver_info);
698 NTSTATUS create_local_token(struct auth_serversupplied_info *server_info);
699 NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
700 bool is_guest,
701 diff --git a/source3/auth/server_info_sam.c b/source3/auth/server_info_sam.c
702 index 31fd9f9..aed70fa 100644
703 --- a/source3/auth/server_info_sam.c
704 +++ b/source3/auth/server_info_sam.c
705 @@ -58,45 +58,54 @@ static bool is_our_machine_account(const char *username)
706 Make (and fill) a user_info struct from a struct samu
707 ***************************************************************************/
708
709 -NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
710 - struct samu *sampass)
711 +NTSTATUS make_server_info_sam(TALLOC_CTX *mem_ctx,
712 + struct samu *sampass,
713 + struct auth_serversupplied_info **pserver_info)
714 {
715 struct passwd *pwd;
716 - struct auth_serversupplied_info *result;
717 + struct auth_serversupplied_info *server_info;
718 const char *username = pdb_get_username(sampass);
719 + TALLOC_CTX *tmp_ctx;
720 NTSTATUS status;
721
722 - if ( !(result = make_server_info(NULL)) ) {
723 + tmp_ctx = talloc_stackframe();
724 + if (tmp_ctx == NULL) {
725 return NT_STATUS_NO_MEMORY;
726 }
727
728 - if ( !(pwd = Get_Pwnam_alloc(result, username)) ) {
729 + server_info = make_server_info(tmp_ctx);
730 + if (server_info == NULL) {
731 + status = NT_STATUS_NO_MEMORY;
732 + goto out;
733 + }
734 +
735 + pwd = Get_Pwnam_alloc(tmp_ctx, username);
736 + if (pwd == NULL) {
737 DEBUG(1, ("User %s in passdb, but getpwnam() fails!\n",
738 pdb_get_username(sampass)));
739 - TALLOC_FREE(result);
740 - return NT_STATUS_NO_SUCH_USER;
741 + status = NT_STATUS_NO_SUCH_USER;
742 + goto out;
743 }
744
745 - status = samu_to_SamInfo3(result, sampass, global_myname(),
746 - &result->info3, &result->extra);
747 + status = samu_to_SamInfo3(server_info,
748 + sampass,
749 + global_myname(),
750 + &server_info->info3,
751 + &server_info->extra);
752 if (!NT_STATUS_IS_OK(status)) {
753 - TALLOC_FREE(result);
754 - return status;
755 + goto out;
756 }
757
758 - result->unix_name = pwd->pw_name;
759 - /* Ensure that we keep pwd->pw_name, because we will free pwd below */
760 - talloc_steal(result, pwd->pw_name);
761 - result->utok.gid = pwd->pw_gid;
762 - result->utok.uid = pwd->pw_uid;
763 + server_info->unix_name = talloc_steal(server_info, pwd->pw_name);
764
765 - TALLOC_FREE(pwd);
766 + server_info->utok.gid = pwd->pw_gid;
767 + server_info->utok.uid = pwd->pw_uid;
768
769 - result->sanitized_username = sanitize_username(result,
770 - result->unix_name);
771 - if (result->sanitized_username == NULL) {
772 - TALLOC_FREE(result);
773 - return NT_STATUS_NO_MEMORY;
774 + server_info->sanitized_username = sanitize_username(server_info,
775 + server_info->unix_name);
776 + if (server_info->sanitized_username == NULL) {
777 + status = NT_STATUS_NO_MEMORY;
778 + goto out;
779 }
780
781 if (IS_DC && is_our_machine_account(username)) {
782 @@ -117,9 +126,13 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
783 }
784
785 DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n",
786 - pdb_get_username(sampass), result->unix_name));
787 + pdb_get_username(sampass), server_info->unix_name));
788 +
789 + *pserver_info = talloc_steal(mem_ctx, server_info);
790
791 - *server_info = result;
792 + status = NT_STATUS_OK;
793 +out:
794 + talloc_free(tmp_ctx);
795
796 - return NT_STATUS_OK;
797 + return status;
798 }
799 diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
800 index 1214b45..1441f88 100644
801 --- a/source3/auth/user_krb5.c
802 +++ b/source3/auth/user_krb5.c
803 @@ -219,9 +219,6 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx,
804 * SID consistency with ntlmssp session setup
805 */
806 struct samu *sampass;
807 - /* The stupid make_server_info_XX functions here
808 - don't take a talloc context. */
809 - struct auth_serversupplied_info *tmp = NULL;
810
811 sampass = samu_new(talloc_tos());
812 if (sampass == NULL) {
813 @@ -231,14 +228,19 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx,
814 if (pdb_getsampwnam(sampass, username)) {
815 DEBUG(10, ("found user %s in passdb, calling "
816 "make_server_info_sam\n", username));
817 - status = make_server_info_sam(&tmp, sampass);
818 + status = make_server_info_sam(mem_ctx,
819 + sampass,
820 + &server_info);
821 } else {
822 /*
823 * User not in passdb, make it up artificially
824 */
825 DEBUG(10, ("didn't find user %s in passdb, calling "
826 "make_server_info_pw\n", username));
827 - status = make_server_info_pw(mem_ctx, username, pw, &tmp);
828 + status = make_server_info_pw(mem_ctx,
829 + username,
830 + pw,
831 + &server_info);
832 }
833 TALLOC_FREE(sampass);
834
835 --
836 1.8.5.3
837
838
839 From 77c2d6c08ab3f3894a225a306dbc87f5575a1902 Mon Sep 17 00:00:00 2001
840 From: Andreas Schneider <asn@samba.org>
841 Date: Tue, 18 Feb 2014 10:19:57 +0100
842 Subject: [PATCH 6/6] s3-auth: Pass mem_ctx to auth_check_ntlm_password().
843
844 Coverity-Id: 1168009
845 BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598
846
847 Signed-off-by: Andreas Schneider <asn@samba.org>
848
849 Change-Id: Ie01674561a6a75239a13918d3190c2f21c3efc7a
850 Reviewed-by: Andrew Bartlett <abartlet@samba.org>
851
852 (cherry picked from commit 4d792db03f18aa164b565c7fdc7b446c174fba28)
853 ---
854 source3/auth/auth.c | 51 ++++++++++++++++++-----------
855 source3/auth/auth_compat.c | 19 ++++++++---
856 source3/auth/auth_ntlmssp.c | 6 ++--
857 source3/auth/proto.h | 3 +-
858 source3/auth/user_krb5.c | 7 ++--
859 source3/include/auth.h | 3 +-
860 source3/rpc_server/netlogon/srv_netlog_nt.c | 6 ++--
861 source3/smbd/sesssetup.c | 16 +++++----
862 8 files changed, 69 insertions(+), 42 deletions(-)
863
864 diff --git a/source3/auth/auth.c b/source3/auth/auth.c
865 index dbe337f..17431b8 100644
866 --- a/source3/auth/auth.c
867 +++ b/source3/auth/auth.c
868 @@ -201,19 +201,19 @@ static bool check_domain_match(const char *user, const char *domain)
869 * @return An NTSTATUS with NT_STATUS_OK or an appropriate error.
870 *
871 **/
872 -
873 -static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
874 - const struct auth_usersupplied_info *user_info,
875 - struct auth_serversupplied_info **server_info)
876 +static NTSTATUS check_ntlm_password(TALLOC_CTX *mem_ctx,
877 + const struct auth_context *auth_context,
878 + const struct auth_usersupplied_info *user_info,
879 + struct auth_serversupplied_info **pserver_info)
880 {
881 /* if all the modules say 'not for me' this is reasonable */
882 NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER;
883 const char *unix_username;
884 auth_methods *auth_method;
885 - TALLOC_CTX *mem_ctx;
886
887 - if (!user_info || !auth_context || !server_info)
888 + if (user_info == NULL || auth_context == NULL || pserver_info == NULL) {
889 return NT_STATUS_LOGON_FAILURE;
890 + }
891
892 DEBUG(3, ("check_ntlm_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n",
893 user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name));
894 @@ -247,17 +247,27 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
895 return NT_STATUS_LOGON_FAILURE;
896
897 for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
898 + struct auth_serversupplied_info *server_info;
899 + TALLOC_CTX *tmp_ctx;
900 NTSTATUS result;
901
902 - mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name,
903 - user_info->mapped.domain_name, user_info->client.account_name);
904 + tmp_ctx = talloc_named(mem_ctx,
905 + 0,
906 + "%s authentication for user %s\\%s",
907 + auth_method->name,
908 + user_info->mapped.domain_name,
909 + user_info->client.account_name);
910
911 - result = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info);
912 + result = auth_method->auth(auth_context,
913 + auth_method->private_data,
914 + tmp_ctx,
915 + user_info,
916 + &server_info);
917
918 /* check if the module did anything */
919 if ( NT_STATUS_V(result) == NT_STATUS_V(NT_STATUS_NOT_IMPLEMENTED) ) {
920 DEBUG(10,("check_ntlm_password: %s had nothing to say\n", auth_method->name));
921 - talloc_destroy(mem_ctx);
922 + TALLOC_FREE(tmp_ctx);
923 continue;
924 }
925
926 @@ -271,19 +281,20 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
927 auth_method->name, user_info->client.account_name, nt_errstr(nt_status)));
928 }
929
930 - talloc_destroy(mem_ctx);
931 -
932 - if ( NT_STATUS_IS_OK(nt_status))
933 - {
934 - break;
935 + if (NT_STATUS_IS_OK(nt_status)) {
936 + *pserver_info = talloc_steal(mem_ctx, server_info);
937 + TALLOC_FREE(tmp_ctx);
938 + break;
939 }
940 +
941 + TALLOC_FREE(tmp_ctx);
942 }
943
944 /* successful authentication */
945
946 if (NT_STATUS_IS_OK(nt_status)) {
947 - unix_username = (*server_info)->unix_name;
948 - if (!(*server_info)->guest) {
949 + unix_username = (*pserver_info)->unix_name;
950 + if (!(*pserver_info)->guest) {
951 /* We might not be root if we are an RPC call */
952 become_root();
953 nt_status = smb_pam_accountcheck(
954 @@ -301,9 +312,9 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
955 }
956
957 if (NT_STATUS_IS_OK(nt_status)) {
958 - DEBUG((*server_info)->guest ? 5 : 2,
959 + DEBUG((*pserver_info)->guest ? 5 : 2,
960 ("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] succeeded\n",
961 - (*server_info)->guest ? "guest " : "",
962 + (*pserver_info)->guest ? "guest " : "",
963 user_info->client.account_name,
964 user_info->mapped.account_name,
965 unix_username));
966 @@ -317,7 +328,7 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
967 DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
968 user_info->client.account_name, user_info->mapped.account_name,
969 nt_errstr(nt_status)));
970 - ZERO_STRUCTP(server_info);
971 + ZERO_STRUCTP(pserver_info);
972
973 return nt_status;
974 }
975 diff --git a/source3/auth/auth_compat.c b/source3/auth/auth_compat.c
976 index 0ae712a..d51c96f 100644
977 --- a/source3/auth/auth_compat.c
978 +++ b/source3/auth/auth_compat.c
979 @@ -35,7 +35,8 @@ check if a username/password is OK assuming the password is in plaintext
980 return True if the password is correct, False otherwise
981 ****************************************************************************/
982
983 -NTSTATUS check_plaintext_password(const char *smb_name,
984 +NTSTATUS check_plaintext_password(TALLOC_CTX *mem_ctx,
985 + const char *smb_name,
986 DATA_BLOB plaintext_blob,
987 struct auth_serversupplied_info **server_info)
988 {
989 @@ -59,8 +60,10 @@ NTSTATUS check_plaintext_password(const char *smb_name,
990 return NT_STATUS_NO_MEMORY;
991 }
992
993 - nt_status = plaintext_auth_context->check_ntlm_password(plaintext_auth_context,
994 - user_info, server_info);
995 + nt_status = plaintext_auth_context->check_ntlm_password(mem_ctx,
996 + plaintext_auth_context,
997 + user_info,
998 + server_info);
999
1000 TALLOC_FREE(plaintext_auth_context);
1001 free_user_info(&user_info);
1002 @@ -84,7 +87,10 @@ static NTSTATUS pass_check_smb(struct auth_context *actx,
1003 domain,
1004 lm_pwd,
1005 nt_pwd);
1006 - nt_status = actx->check_ntlm_password(actx, user_info, &server_info);
1007 + nt_status = actx->check_ntlm_password(talloc_tos(),
1008 + actx,
1009 + user_info,
1010 + &server_info);
1011 free_user_info(&user_info);
1012 TALLOC_FREE(server_info);
1013 return nt_status;
1014 @@ -127,7 +133,10 @@ bool password_ok(struct auth_context *actx, bool global_encrypted,
1015 }
1016 } else {
1017 struct auth_serversupplied_info *server_info = NULL;
1018 - NTSTATUS nt_status = check_plaintext_password(smb_name, password_blob, &server_info);
1019 + NTSTATUS nt_status = check_plaintext_password(talloc_tos(),
1020 + smb_name,
1021 + password_blob,
1022 + &server_info);
1023 TALLOC_FREE(server_info);
1024 if (NT_STATUS_IS_OK(nt_status)) {
1025 return True;
1026 diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
1027 index ae29c30..097501c 100644
1028 --- a/source3/auth/auth_ntlmssp.c
1029 +++ b/source3/auth/auth_ntlmssp.c
1030 @@ -143,8 +143,10 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
1031
1032 user_info->logon_parameters = MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT;
1033
1034 - nt_status = auth_ntlmssp_state->auth_context->check_ntlm_password(auth_ntlmssp_state->auth_context,
1035 - user_info, &auth_ntlmssp_state->server_info);
1036 + nt_status = auth_ntlmssp_state->auth_context->check_ntlm_password(mem_ctx,
1037 + auth_ntlmssp_state->auth_context,
1038 + user_info,
1039 + &auth_ntlmssp_state->server_info);
1040
1041 username_was_mapped = user_info->was_mapped;
1042
1043 diff --git a/source3/auth/proto.h b/source3/auth/proto.h
1044 index e6830aa..fccabc4 100644
1045 --- a/source3/auth/proto.h
1046 +++ b/source3/auth/proto.h
1047 @@ -50,7 +50,8 @@ NTSTATUS auth_builtin_init(void);
1048
1049 /* The following definitions come from auth/auth_compat.c */
1050
1051 -NTSTATUS check_plaintext_password(const char *smb_name,
1052 +NTSTATUS check_plaintext_password(TALLOC_CTX *mem_ctx,
1053 + const char *smb_name,
1054 DATA_BLOB plaintext_password,
1055 struct auth_serversupplied_info **server_info);
1056 bool password_ok(struct auth_context *actx, bool global_encrypted,
1057 diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
1058 index 1441f88..1e5254e 100644
1059 --- a/source3/auth/user_krb5.c
1060 +++ b/source3/auth/user_krb5.c
1061 @@ -230,7 +230,7 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx,
1062 "make_server_info_sam\n", username));
1063 status = make_server_info_sam(mem_ctx,
1064 sampass,
1065 - &server_info);
1066 + server_info);
1067 } else {
1068 /*
1069 * User not in passdb, make it up artificially
1070 @@ -240,7 +240,7 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx,
1071 status = make_server_info_pw(mem_ctx,
1072 username,
1073 pw,
1074 - &server_info);
1075 + server_info);
1076 }
1077 TALLOC_FREE(sampass);
1078
1079 @@ -250,9 +250,6 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx,
1080 return status;
1081 }
1082
1083 - /* Steal tmp server info into the server_info pointer. */
1084 - *server_info = talloc_move(mem_ctx, &tmp);
1085 -
1086 /* make_server_info_pw does not set the domain. Without this
1087 * we end up with the local netbios name in substitutions for
1088 * %D. */
1089 diff --git a/source3/include/auth.h b/source3/include/auth.h
1090 index c017da9..b0ac11a 100644
1091 --- a/source3/include/auth.h
1092 +++ b/source3/include/auth.h
1093 @@ -89,7 +89,8 @@ struct auth_context {
1094
1095 NTSTATUS (*get_ntlm_challenge)(struct auth_context *auth_context,
1096 uint8_t chal[8]);
1097 - NTSTATUS (*check_ntlm_password)(const struct auth_context *auth_context,
1098 + NTSTATUS (*check_ntlm_password)(TALLOC_CTX *mem_ctx,
1099 + const struct auth_context *auth_context,
1100 const struct auth_usersupplied_info *user_info,
1101 struct auth_serversupplied_info **server_info);
1102 NTSTATUS (*nt_status_squash)(NTSTATUS nt_status);
1103 diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
1104 index 3fd93bc..1cf04df 100644
1105 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c
1106 +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
1107 @@ -1563,8 +1563,10 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
1108 } /* end switch */
1109
1110 if ( NT_STATUS_IS_OK(status) ) {
1111 - status = auth_context->check_ntlm_password(auth_context,
1112 - user_info, &server_info);
1113 + status = auth_context->check_ntlm_password(p->mem_ctx,
1114 + auth_context,
1115 + user_info,
1116 + &server_info);
1117 }
1118
1119 TALLOC_FREE(auth_context);
1120 diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
1121 index 75c2a15..2a40e1b 100644
1122 --- a/source3/smbd/sesssetup.c
1123 +++ b/source3/smbd/sesssetup.c
1124 @@ -140,7 +140,8 @@ static void reply_sesssetup_blob(struct smb_request *req,
1125 Do a 'guest' logon, getting back the
1126 ****************************************************************************/
1127
1128 -static NTSTATUS check_guest_password(struct auth_serversupplied_info **server_info)
1129 +static NTSTATUS check_guest_password(TALLOC_CTX *mem_ctx,
1130 + struct auth_serversupplied_info **server_info)
1131 {
1132 struct auth_context *auth_context;
1133 struct auth_usersupplied_info *user_info = NULL;
1134 @@ -150,7 +151,7 @@ static NTSTATUS check_guest_password(struct auth_serversupplied_info **server_in
1135
1136 DEBUG(3,("Got anonymous request\n"));
1137
1138 - nt_status = make_auth_context_fixed(talloc_tos(), &auth_context, chal);
1139 + nt_status = make_auth_context_fixed(mem_ctx, &auth_context, chal);
1140 if (!NT_STATUS_IS_OK(nt_status)) {
1141 return nt_status;
1142 }
1143 @@ -160,9 +161,10 @@ static NTSTATUS check_guest_password(struct auth_serversupplied_info **server_in
1144 return NT_STATUS_NO_MEMORY;
1145 }
1146
1147 - nt_status = auth_context->check_ntlm_password(auth_context,
1148 - user_info,
1149 - server_info);
1150 + nt_status = auth_context->check_ntlm_password(mem_ctx,
1151 + auth_context,
1152 + user_info,
1153 + server_info);
1154 TALLOC_FREE(auth_context);
1155 free_user_info(&user_info);
1156 return nt_status;
1157 @@ -1609,7 +1611,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
1158
1159 if (!*user) {
1160
1161 - nt_status = check_guest_password(&server_info);
1162 + nt_status = check_guest_password(talloc_tos(), &server_info);
1163
1164 } else if (doencrypt) {
1165 struct auth_context *negprot_auth_context = NULL;
1166 @@ -1627,6 +1629,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
1167 lm_resp, nt_resp);
1168 if (NT_STATUS_IS_OK(nt_status)) {
1169 nt_status = negprot_auth_context->check_ntlm_password(
1170 + talloc_tos(),
1171 negprot_auth_context,
1172 user_info,
1173 &server_info);
1174 @@ -1651,6 +1654,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
1175
1176 if (NT_STATUS_IS_OK(nt_status)) {
1177 nt_status = plaintext_auth_context->check_ntlm_password(
1178 + talloc_tos(),
1179 plaintext_auth_context,
1180 user_info,
1181 &server_info);
1182 --
1183 1.8.5.3
1184
1185 From f07614228629e650b0e0a27dd4d15b6e5eef5baa Mon Sep 17 00:00:00 2001
1186 From: Andreas Schneider <asn@samba.org>
1187 Date: Wed, 28 May 2014 15:12:29 +0200
1188 Subject: [PATCH 18/20] PATCHSET1: Allocate server_info on the correct memory
1189 context.
1190
1191 This fixes a talloc double free PANIC when connecting to share.
1192
1193 Signed-off-by: Andreas Schneider <asn@samba.org>
1194 ---
1195 source3/auth/auth_ntlmssp.c | 2 +-
1196 1 file changed, 1 insertion(+), 1 deletion(-)
1197
1198 diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
1199 index 097501c..3c7e324 100644
1200 --- a/source3/auth/auth_ntlmssp.c
1201 +++ b/source3/auth/auth_ntlmssp.c
1202 @@ -143,7 +143,7 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
1203
1204 user_info->logon_parameters = MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT;
1205
1206 - nt_status = auth_ntlmssp_state->auth_context->check_ntlm_password(mem_ctx,
1207 + nt_status = auth_ntlmssp_state->auth_context->check_ntlm_password(auth_ntlmssp_state,
1208 auth_ntlmssp_state->auth_context,
1209 user_info,
1210 &auth_ntlmssp_state->server_info);
1211 --
1212 1.9.0
1213
1214 commit 0c6838663d42a04a80e25a8a3827710926952077
1215 Author: Andreas Schneider <asn@samba.org>
1216 AuthorDate: Wed Jul 2 16:39:22 2014 +0200
1217 Commit: Andreas Schneider <asn@samba.org>
1218 CommitDate: Wed Jul 2 16:47:43 2014 +0200
1219
1220 PATCHSET1 s3-auth: Do not double free the result.
1221
1222 Signed-off-by: Andreas Schneider <asn@samba.org>
1223 Reviewed-by: Guenther Deschner <gd@samba.org>
1224 ---
1225 source3/auth/auth_util.c | 4 ----
1226 1 file changed, 4 deletions(-)
1227
1228 diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
1229 index 5ffdb25f..1f1fed9 100644
1230 --- a/source3/auth/auth_util.c
1231 +++ b/source3/auth/auth_util.c
1232 @@ -883,10 +883,6 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx,
1233 *presult = talloc_steal(mem_ctx, result);
1234 done:
1235 talloc_free(tmp_ctx);
1236 - if (!NT_STATUS_IS_OK(status)) {
1237 - TALLOC_FREE(result);
1238 - return status;
1239 - }
1240
1241 return status;
1242 }
1243 commit 879e576d439fddf33ab2353b4a54ccd162020a03
1244 Author: Andreas Schneider <asn@samba.org>
1245 AuthorDate: Tue Jul 8 10:26:51 2014 +0200
1246 Commit: Andreas Schneider <asn@samba.org>
1247 CommitDate: Tue Jul 8 17:08:10 2014 +0200
1248
1249 PATCHSET1 s3-auth: Fix support for 'security = share' in passwd_to_SamInfo3().
1250
1251 Signed-off-by: Andreas Schneider <asn@samba.org>
1252 ---
1253 source3/auth/server_info.c | 19 ++++++++++++++++---
1254 1 file changed, 16 insertions(+), 3 deletions(-)
1255
1256 diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
1257 index 077bb6b..e627892 100644
1258 --- a/source3/auth/server_info.c
1259 +++ b/source3/auth/server_info.c
1260 @@ -575,9 +575,21 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
1261
1262 ZERO_STRUCT(domain_sid);
1263
1264 - sid_copy(&domain_sid, &user_sid);
1265 - sid_split_rid(&domain_sid, &info3->base.rid);
1266 - info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
1267 + /*
1268 + * Check if this is a "Unix Users" domain user,
1269 + * we need to handle it in a special way if that's the case.
1270 + */
1271 + if (sid_check_is_in_unix_users(&user_sid)) {
1272 + /*
1273 + * In info3 you can only set rids for the user and the
1274 + * primary group, and the domain sid must be that of
1275 + * the sam domain.
1276 + */
1277 + sid_copy(&domain_sid, get_global_sam_sid());
1278 + } else {
1279 + sid_copy(&domain_sid, &user_sid);
1280 + sid_split_rid(&domain_sid, &info3->base.rid);
1281 + }
1282
1283 ok = sid_peek_check_rid(&domain_sid, &group_sid,
1284 &info3->base.primary_gid);
1285 @@ -592,6 +604,7 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
1286 goto done;
1287 }
1288
1289 + info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
1290 info3->base.acct_flags = ACB_NORMAL;
1291
1292 if (num_sids) {
IPFire 2.x development tree