uint32 lm_pw_len, nt_pw_len, nt_pw_hist_len, hourslen;
uint32 pwHistLen = 0;
bool ret = True;
- fstring tmpstring;
+ fstring tmp_string;
bool expand_explicit = lp_passdb_expand_explicit();
if(sampass == NULL || buf == NULL) {
pdb_set_fullname(sampass, fullname, PDB_SET);
if (homedir) {
- fstrcpy( tmpstring, homedir );
+ fstrcpy( tmp_string, homedir );
if (expand_explicit) {
- standard_sub_basic( username, domain, tmpstring,
- sizeof(tmpstring) );
+ standard_sub_basic( username, domain, tmp_string,
+ sizeof(tmp_string) );
}
- pdb_set_homedir(sampass, tmpstring, PDB_SET);
+ pdb_set_homedir(sampass, tmp_string, PDB_SET);
}
else {
pdb_set_homedir(sampass,
pdb_set_dir_drive(sampass, lp_logon_drive(), PDB_DEFAULT );
if (logon_script) {
- fstrcpy( tmpstring, logon_script );
+ fstrcpy( tmp_string, logon_script );
if (expand_explicit) {
- standard_sub_basic( username, domain, tmpstring,
- sizeof(tmpstring) );
+ standard_sub_basic( username, domain, tmp_string,
+ sizeof(tmp_string) );
}
- pdb_set_logon_script(sampass, tmpstring, PDB_SET);
+ pdb_set_logon_script(sampass, tmp_string, PDB_SET);
}
else {
pdb_set_logon_script(sampass,
}
if (profile_path) {
- fstrcpy( tmpstring, profile_path );
+ fstrcpy( tmp_string, profile_path );
if (expand_explicit) {
- standard_sub_basic( username, domain, tmpstring,
- sizeof(tmpstring) );
+ standard_sub_basic( username, domain, tmp_string,
+ sizeof(tmp_string) );
}
- pdb_set_profile_path(sampass, tmpstring, PDB_SET);
+ pdb_set_profile_path(sampass, tmp_string, PDB_SET);
}
else {
pdb_set_profile_path(sampass,
/**
* @todo Redefine this to NULL, but this changes the API because
* much of samba assumes that the pdb_get...() funtions
- * return pstrings. (ie not null-pointers).
+ * return strings. (ie not null-pointers).
* See also pdb_fill_default_sam().
*/
if ( pdb && reload ) {
pdb->free_private_data( &(pdb->private_data) );
if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) {
- pstring msg;
- slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n",
- lp_passdb_backend() );
+ char *msg = NULL;
+ asprintf(&msg, "pdb_get_methods_reload: "
+ "failed to get pdb methods for backend %s\n",
+ lp_passdb_backend());
smb_panic(msg);
}
}
if ( !pdb ) {
if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) {
- pstring msg;
- slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n",
- lp_passdb_backend() );
+ char *msg = NULL;
+ asprintf(&msg, "pdb_get_methods_reload: "
+ "failed to get pdb methods for backend %s\n",
+ lp_passdb_backend());
smb_panic(msg);
}
}
}
if ( !(pwd = Get_Pwnam_alloc(tmp_ctx, name)) ) {
- pstring add_script;
+ char *add_script = NULL;
int add_ret;
fstring name2;
if ((acb_info & ACB_NORMAL) && name[strlen(name)-1] != '$') {
- pstrcpy(add_script, lp_adduser_script());
+ add_script = talloc_strdup(tmp_ctx,
+ lp_adduser_script());
} else {
- pstrcpy(add_script, lp_addmachine_script());
+ add_script = talloc_strdup(tmp_ctx,
+ lp_addmachine_script());
}
- if (add_script[0] == '\0') {
+ if (!add_script || add_script[0] == '\0') {
DEBUG(3, ("Could not find user %s and no add script "
"defined\n", name));
return NT_STATUS_NO_SUCH_USER;
compatibility with previous Samba releases */
fstrcpy( name2, name );
strlower_m( name2 );
- all_string_sub(add_script, "%u", name2, sizeof(add_script));
+ add_script = talloc_all_string_sub(tmp_ctx,
+ add_script,
+ "%u",
+ name2);
+ if (!add_script) {
+ return NT_STATUS_NO_MEMORY;
+ }
add_ret = smbrun(add_script,NULL);
DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n",
add_script, add_ret));
static int smb_delete_user(const char *unix_user)
{
- pstring del_script;
+ char *del_script = NULL;
int ret;
/* safety check */
return -1;
}
- pstrcpy(del_script, lp_deluser_script());
- if (! *del_script)
+ del_script = talloc_strdup(talloc_tos(), lp_deluser_script());
+ if (!del_script || !*del_script) {
+ return -1;
+ }
+ del_script = talloc_all_string_sub(talloc_tos(),
+ del_script,
+ "%u",
+ unix_user);
+ if (!del_script) {
return -1;
- all_string_sub(del_script, "%u", unix_user, sizeof(del_script));
+ }
ret = smbrun(del_script,NULL);
flush_pwnam_cache();
if (ret == 0) {
/* formerly static variables */
struct smb_passwd pw_buf;
- pstring user_name;
+ fstring user_name;
unsigned char smbpwd[16];
unsigned char smbntpwd[16];
continue;
}
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
- SMB_ASSERT(sizeof(pstring) > sizeof(linebuf));
-
strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
user_name[PTR_DIFF(p, linebuf)] = '\0';
static bool mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, const struct smb_passwd* pwd)
{
/* Static buffers we will return. */
- pstring user_name;
+ fstring user_name;
char *status;
char linebuf[256];
continue;
}
- /*
- * As 256 is shorter than a pstring we don't need to check
- * length here - if this ever changes....
- */
-
- SMB_ASSERT(sizeof(user_name) > sizeof(linebuf));
-
strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
user_name[PTR_DIFF(p, linebuf)] = '\0';
if (strequal(user_name, pwd->smb_name)) {
static bool del_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, const char *name)
{
const char *pfile = smbpasswd_state->smbpasswd_file;
- pstring pfile2;
+ char *pfile2 = NULL;
struct smb_passwd *pwd = NULL;
FILE *fp = NULL;
FILE *fp_write = NULL;
int pfile2_lockdepth = 0;
- slprintf(pfile2, sizeof(pfile2)-1, "%s.%u", pfile, (unsigned)sys_getpid() );
+ pfile2 = talloc_asprintf(talloc_tos(),
+ "%s.%u",
+ pfile, (unsigned)sys_getpid());
+ if (!pfile2) {
+ return false;
+ }
/*
* Open the smbpassword file - for update. It needs to be update
if(rename(pfile2,pfile) != 0) {
unlink(pfile2);
}
-
+
endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth);
endsmbfilepwent(fp_write,&pfile2_lockdepth);
return True;
struct samu *old_acct,
const char *newname)
{
- pstring rename_script;
+ char *rename_script = NULL;
struct samu *new_acct = NULL;
bool interim_account = False;
+ TALLOC_CTX *ctx = talloc_tos();
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
if (!*(lp_renameuser_script()))
{
goto done;
}
-
+
ret = smbpasswd_add_sam_account(my_methods, new_acct);
if (!NT_STATUS_IS_OK(ret))
goto done;
interim_account = True;
/* rename the posix user */
- pstrcpy(rename_script, lp_renameuser_script());
+ rename_script = talloc_strdup(ctx,
+ lp_renameuser_script());
+ if (!rename_script) {
+ ret = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
if (*rename_script) {
int rename_ret;
- string_sub2(rename_script, "%unew", newname, sizeof(pstring),
- True, False, True);
- string_sub2(rename_script, "%uold", pdb_get_username(old_acct),
- sizeof(pstring), True, False, True);
+ rename_script = talloc_string_sub2(ctx,
+ rename_script,
+ "%unew",
+ newname,
+ true,
+ false,
+ true);
+ if (!rename_script) {
+ ret = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ rename_script = talloc_string_sub2(ctx,
+ rename_script,
+ "%uold",
+ pdb_get_username(old_acct),
+ true,
+ false,
+ true);
+ if (!rename_script) {
+ ret = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
rename_ret = smbrun(rename_script, NULL);
smb_nscd_flush_user_cache();
}
- if (rename_ret)
- goto done;
+ if (rename_ret)
+ goto done;
} else {
goto done;
}
smbpasswd_delete_sam_account(my_methods, old_acct);
interim_account = False;
-done:
+done:
/* cleanup */
if (interim_account)
smbpasswd_delete_sam_account(my_methods, new_acct);
uint32 lm_pw_len, nt_pw_len, nt_pw_hist_len, hourslen;
uint32 pwHistLen = 0;
bool ret = True;
- fstring tmpstring;
+ fstring tmp_string;
bool expand_explicit = lp_passdb_expand_explicit();
if(sampass == NULL || buf == NULL) {
pdb_set_fullname(sampass, fullname, PDB_SET);
if (homedir) {
- fstrcpy( tmpstring, homedir );
+ fstrcpy( tmp_string, homedir );
if (expand_explicit) {
- standard_sub_basic( username, domain, tmpstring,
- sizeof(tmpstring) );
+ standard_sub_basic( username, domain, tmp_string,
+ sizeof(tmp_string) );
}
- pdb_set_homedir(sampass, tmpstring, PDB_SET);
+ pdb_set_homedir(sampass, tmp_string, PDB_SET);
}
else {
pdb_set_homedir(sampass,
pdb_set_dir_drive(sampass, lp_logon_drive(), PDB_DEFAULT );
if (logon_script) {
- fstrcpy( tmpstring, logon_script );
+ fstrcpy( tmp_string, logon_script );
if (expand_explicit) {
- standard_sub_basic( username, domain, tmpstring,
- sizeof(tmpstring) );
+ standard_sub_basic( username, domain, tmp_string,
+ sizeof(tmp_string) );
}
- pdb_set_logon_script(sampass, tmpstring, PDB_SET);
+ pdb_set_logon_script(sampass, tmp_string, PDB_SET);
}
else {
pdb_set_logon_script(sampass,
}
if (profile_path) {
- fstrcpy( tmpstring, profile_path );
+ fstrcpy( tmp_string, profile_path );
if (expand_explicit) {
- standard_sub_basic( username, domain, tmpstring,
- sizeof(tmpstring) );
+ standard_sub_basic( username, domain, tmp_string,
+ sizeof(tmp_string) );
}
- pdb_set_profile_path(sampass, tmpstring, PDB_SET);
+ pdb_set_profile_path(sampass, tmp_string, PDB_SET);
}
else {
pdb_set_profile_path(sampass,
- unlock the new user record
***************************************************************************/
static NTSTATUS tdbsam_rename_sam_account(struct pdb_methods *my_methods,
- struct samu *old_acct,
+ struct samu *old_acct,
const char *newname)
{
+ TALLOC_CTX *ctx = talloc_tos();
struct samu *new_acct = NULL;
- pstring rename_script;
+ char *rename_script = NULL;
bool interim_account = False;
int rename_ret;
fstring oldname_lower;
fstring newname_lower;
/* can't do anything without an external script */
-
- pstrcpy(rename_script, lp_renameuser_script() );
- if ( ! *rename_script ) {
+
+ rename_script = talloc_strdup(ctx, lp_renameuser_script());
+ if (!rename_script) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (!*rename_script) {
return NT_STATUS_ACCESS_DENIED;
}
/* invalidate the existing TDB iterator if it is open */
-
+
tdbsam_endsampwent( my_methods );
if ( !(new_acct = samu_new( NULL )) ) {
return NT_STATUS_NO_MEMORY;
}
-
- if ( !pdb_copy_sam_account(new_acct, old_acct)
- || !pdb_set_username(new_acct, newname, PDB_CHANGED))
+
+ if ( !pdb_copy_sam_account(new_acct, old_acct)
+ || !pdb_set_username(new_acct, newname, PDB_CHANGED))
{
TALLOC_FREE(new_acct );
return NT_STATUS_NO_MEMORY;
}
/* open the database */
-
if ( !tdbsam_open( tdbsam_filename ) ) {
DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
TALLOC_FREE(new_acct );
}
/* add the new account and lock it */
-
if ( !tdb_update_samacct_only(new_acct, TDB_INSERT) ) {
goto done;
}
-
+
interim_account = True;
if ( tdb_lock_bystring_with_timeout(tdbsam, newname, 30) == -1 ) {
fstrcpy( newname_lower, newname );
strlower_m( newname_lower );
- string_sub2(rename_script, "%unew", newname_lower, sizeof(pstring),
- True, False, True);
- string_sub2(rename_script, "%uold", oldname_lower, sizeof(pstring),
- True, False, True);
+ rename_script = talloc_string_sub2(ctx,
+ rename_script,
+ "%unew",
+ newname_lower,
+ true,
+ false,
+ true);
+ if (!rename_script) {
+ goto done;
+ }
+ rename_script = talloc_string_sub2(ctx,
+ rename_script,
+ "%uold",
+ oldname_lower,
+ true,
+ false,
+ true);
+ if (!rename_script) {
+ goto done;
+ }
rename_ret = smbrun(rename_script, NULL);
- DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n", rename_script, rename_ret));
+ DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n",
+ rename_script, rename_ret));
if (rename_ret == 0) {
smb_nscd_flush_user_cache();
}
if (rename_ret) {
- goto done;
+ goto done;
}
/* rewrite the rid->username record */
-
+
if ( !tdb_update_ridrec_only( new_acct, TDB_MODIFY) ) {
goto done;
}
tdb_unlock_bystring( tdbsam, newname );
tdb_delete_samacct_only( old_acct );
-
+
tdbsam_close();
-
+
TALLOC_FREE(new_acct );
return NT_STATUS_OK;
-done:
+done:
/* cleanup */
if (interim_account) {
tdb_unlock_bystring(tdbsam, newname);
tdb_delete_samacct_only(new_acct);
}
-
+
tdbsam_close();
-
+
if (new_acct)
TALLOC_FREE(new_acct);
static NTSTATUS pdb_init_tdbsam(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status;
- pstring tdbfile;
+ char *tdbfile = NULL;
const char *pfile = location;
if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) {
(*pdb_method)->new_rid = tdbsam_new_rid;
/* save the path for later */
-
- if ( !location ) {
- pstr_sprintf( tdbfile, "%s/%s", dyn_STATEDIR(), PASSDB_FILE_NAME );
+
+ if (!location) {
+ if (asprintf(&tdbfile, "%s/%s", dyn_STATEDIR(), PASSDB_FILE_NAME) < 0) {
+ return NT_STATUS_NO_MEMORY;
+ }
pfile = tdbfile;
}
tdbsam_filename = SMB_STRDUP(pfile);
+ if (!tdbsam_filename) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ SAFE_FREE(tdbfile);
/* no private data */
-
+
(*pdb_method)->private_data = NULL;
(*pdb_method)->free_private_data = NULL;
/* open up the secrets database */
bool secrets_init(void)
{
- pstring fname;
+ TALLOC_CTX *ctx;
+ char *fname = NULL;
unsigned char dummy;
if (tdb)
return True;
- pstrcpy(fname, lp_private_dir());
- pstrcat(fname,"/secrets.tdb");
+ ctx = talloc_init("secrets_init");
+ if (!ctx) {
+ return false;
+ }
+ fname = talloc_asprintf(ctx,
+ "%s/secrets.tdb",
+ lp_private_dir());
+ if (!fname) {
+ TALLOC_FREE(ctx);
+ return false;
+ }
tdb = tdb_open_log(fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
if (!tdb) {
DEBUG(0,("Failed to open %s\n", fname));
+ TALLOC_FREE(ctx);
return False;
}
+ TALLOC_FREE(ctx);
+
/**
* Set a reseed function for the crypto random generator
*
{
int idx;
size_t len = 0;
+ uint8 *p = pack_buf;
+ int remaining_space = pack_buf ? bufsize : 0;
- if (!sid || !pack_buf) return -1;
+ if (!sid) {
+ return -1;
+ }
- len += tdb_pack(pack_buf + len, bufsize - len, "bb", sid->sid_rev_num,
+ len += tdb_pack(p, remaining_space, "bb", sid->sid_rev_num,
sid->num_auths);
+ if (pack_buf) {
+ p += len;
+ remaining_space -= len;
+ }
for (idx = 0; idx < 6; idx++) {
- len += tdb_pack(pack_buf + len, bufsize - len, "b",
+ len += tdb_pack(p, remaining_space, "b",
sid->id_auth[idx]);
+ if (pack_buf) {
+ p += len;
+ remaining_space -= len;
+ }
}
for (idx = 0; idx < MAXSUBAUTHS; idx++) {
- len += tdb_pack(pack_buf + len, bufsize - len, "d",
+ len += tdb_pack(p, remaining_space, "d",
sid->sub_auths[idx]);
+ if (pack_buf) {
+ p += len;
+ remaining_space -= len;
+ }
}
return len;
TRUSTED_DOM_PASS* pass)
{
int idx, len = 0;
+ uint8 *p = pack_buf;
+ int remaining_space = pack_buf ? bufsize : 0;
- if (!pack_buf || !pass) return -1;
+ if (!pass) {
+ return -1;
+ }
/* packing unicode domain name and password */
- len += tdb_pack(pack_buf + len, bufsize - len, "d",
+ len += tdb_pack(p, remaining_space, "d",
pass->uni_name_len);
+ if (pack_buf) {
+ p += len;
+ remaining_space -= len;
+ }
- for (idx = 0; idx < 32; idx++)
- len += tdb_pack(pack_buf + len, bufsize - len, "w",
+ for (idx = 0; idx < 32; idx++) {
+ len += tdb_pack(p, remaining_space, "w",
pass->uni_name[idx]);
+ if (pack_buf) {
+ p += len;
+ remaining_space -= len;
+ }
+ }
- len += tdb_pack(pack_buf + len, bufsize - len, "dPd", pass->pass_len,
+ len += tdb_pack(p, remaining_space, "dPd", pass->pass_len,
pass->pass, pass->mod_time);
+ if (pack_buf) {
+ p += len;
+ remaining_space -= len;
+ }
/* packing SID structure */
- len += tdb_sid_pack(pack_buf + len, bufsize - len, &pass->domain_sid);
+ len += tdb_sid_pack(p, remaining_space, &pass->domain_sid);
+ if (pack_buf) {
+ p += len;
+ remaining_space -= len;
+ }
return len;
}
const DOM_SID *sid)
{
smb_ucs2_t *uni_dom_name;
+ bool ret;
/* packing structures */
- pstring pass_buf;
+ uint8 *pass_buf = NULL;
int pass_len = 0;
- int pass_buf_len = sizeof(pass_buf);
struct trusted_dom_pass pass;
ZERO_STRUCT(pass);
/* domain sid */
sid_copy(&pass.domain_sid, sid);
- pass_len = tdb_trusted_dom_pass_pack((uint8 *)pass_buf, pass_buf_len, &pass);
-
- return secrets_store(trustdom_keystr(domain), (void *)&pass_buf, pass_len);
+ /* Calculate the length. */
+ pass_len = tdb_trusted_dom_pass_pack(NULL, 0, &pass);
+ pass_buf = SMB_MALLOC_ARRAY(uint8, pass_len);
+ if (!pass_buf) {
+ return false;
+ }
+ pass_len = tdb_trusted_dom_pass_pack(pass_buf, pass_len, &pass);
+ ret = secrets_store(trustdom_keystr(domain), (void *)&pass_buf,
+ pass_len);
+ SAFE_FREE(pass_buf);
+ return ret;
}
/************************************************************************
bool fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid)
{
- extern pstring global_myname;
struct cli_state cli;
NTSTATUS result;
POLICY_HND lsa_pol;
goto done;
}
- if (!attempt_netbios_session_request(&cli, global_myname, remote_machine, &cli.dest_ip)) {
+ if (!attempt_netbios_session_request(&cli, global_myname(), remote_machine, &cli.dest_ip)) {
DEBUG(0,("fetch_domain_sid: machine %s rejected the NetBIOS session request.\n",
remote_machine));
goto done;
ret = rpc_api_pipe(cli, &outgoing_pdu, out_data, RPC_RESPONSE);
prs_mem_free(&outgoing_pdu);
-
if (DEBUGLEVEL >= 50) {
- pstring dump_name;
+ char *dump_name = NULL;
/* Also capture received data */
- slprintf(dump_name, sizeof(dump_name) - 1, "%s/reply_%s_%d",
- dyn_LOGFILEBASE, cli->pipe_name, op_num);
- prs_dump(dump_name, op_num, out_data);
+ if (asprintf(&dump_name, "%s/reply_%s_%d",
+ dyn_LOGFILEBASE, cli->pipe_name,
+ op_num) > 0) {
+ prs_dump(dump_name, op_num, out_data);
+ SAFE_FREE(dump_name);
+ }
}
return ret;
/**
* Dump a prs to a file: from the current location through to the end.
**/
-void prs_dump(char *name, int v, prs_struct *ps)
+void prs_dump(const char *name, int v, prs_struct *ps)
{
prs_dump_region(name, v, ps, ps->data_offset, ps->buffer_size);
}
/**
* Dump from the start of the prs to the current location.
**/
-void prs_dump_before(char *name, int v, prs_struct *ps)
+void prs_dump_before(const char *name, int v, prs_struct *ps)
{
prs_dump_region(name, v, ps, 0, ps->data_offset);
}
/**
* Dump everything from the start of the prs up to the current location.
**/
-void prs_dump_region(char *name, int v, prs_struct *ps,
+void prs_dump_region(const char *name, int v, prs_struct *ps,
int from_off, int to_off)
{
int fd, i;
bool ret;
if (lp_loaded()) {
- pstring fname;
+ const char *fname = lp_configfile();
- pstrcpy(fname,lp_configfile());
if (file_exist(fname,NULL) && !strcsequal(fname,dyn_CONFIGFILE)) {
pstrcpy(dyn_CONFIGFILE,fname);
}
static void terminate(void)
{
- pstring path;
+ char *path = NULL;
/* Remove socket file */
- pstr_sprintf(path, "%s/%s",
- get_winbind_pipe_dir(), WINBINDD_SOCKET_NAME);
- unlink(path);
+ if (asprintf(&path, "%s/%s",
+ get_winbind_pipe_dir(), WINBINDD_SOCKET_NAME) > 0) {
+ unlink(path);
+ SAFE_FREE(path);
+ }
idmap_close();
int main(int argc, char **argv, char **envp)
{
- pstring logfile;
static bool is_daemon = False;
static bool Fork = True;
static bool log_stdout = False;
poptFreeContext(pc);
if (!override_logfile) {
- pstr_sprintf(logfile, "%s/log.winbindd", dyn_LOGFILEBASE);
- lp_set_logfile(logfile);
+ char *logfile = NULL;
+ if (asprintf(&logfile,"%s/log.winbindd",
+ dyn_LOGFILEBASE) > 0) {
+ lp_set_logfile(logfile);
+ SAFE_FREE(logfile);
+ }
}
setup_logging("winbindd", log_stdout);
reopen_logs();