yess :) fixed the client / server reusage mixup by adding code to msrpc_find

that checks the vuser_key.  all client-side connections must now be separated
by the client's security context (vuser_key).

diff --git a/source/lib/msrpc_use.c b/source/lib/msrpc_use.c
index 4b05a9e3e155e17d9f5cef76c6b3a53bde5be4ed..8a38bcfa5ac3aa6c5fa8a4084cace38507f90adf 100644 (file)
--- a/source/lib/msrpc_use.c
+++ b/source/lib/msrpc_use.c
@@ -108,7 +108,7 @@ void free_msrpc_use(void)
 find client state.  server name, user name, domain name and password must all
 match.
 ****************************************************************************/
-static struct msrpc_use *msrpc_find(const char* pipe_name)
+static struct msrpc_use *msrpc_find(const char* pipe_name, const vuser_key *key)
 {
        int i;
 
@@ -118,14 +118,18 @@ static struct msrpc_use *msrpc_find(const char* pipe_name)
        {
                char *msrpc_name = NULL;
                struct msrpc_use *c = msrpcs[i];
+               vuser_key k;
 
                if (c == NULL) continue;
 
                msrpc_name = c->cli->pipe_name;
+               k = c->cli->nt.key;
 
-               DEBUG(10,("msrpc_find[%d]: %s\n", i, msrpc_name));
+               DEBUG(10,("msrpc_find[%d]: %s [%d,%x]\n",
+                  i, msrpc_name, k.pid, k.vuid));
                                
-               if (strequal(msrpc_name, pipe_name))
+               if (strequal(msrpc_name, pipe_name) &&
+                   (key == NULL || (k.pid == key->pid && k.vuid == key->vuid)))
                {
                        return c;
                }
@@ -169,7 +173,7 @@ struct msrpc_state *msrpc_use_add(const char* pipe_name,
        struct msrpc_use *cli;
        DEBUG(10,("msrpc_use_add: %s redir: %s\n", pipe_name, BOOLSTR(redir)));
 
-       cli = msrpc_find(pipe_name); 
+       cli = msrpc_find(pipe_name, key); 
 
        if (cli != NULL)
        {

diff --git a/source/lib/username.c b/source/lib/username.c
index 36a7c4fdd14ee161698ce9b88d1bc6be71400203..4a0d8a36bcae8ad3e29daa3a88ddf010a36a7b28 100644 (file)
--- a/source/lib/username.c
+++ b/source/lib/username.c
@@ -228,11 +228,11 @@ static BOOL have_passwd_hash(void)
 
 struct passwd *hashed_getpwnam(const char *name)
 {
+#if 0
   struct passwd_hash_table_s *pht=&passwd_hash_table;
 
   DEBUG(5,("getpwnam(%s)\n", name));
 
-#if 0
   if (have_passwd_hash())
   {
     int name_i=name_hash_function(name);
@@ -269,11 +269,11 @@ turn a uid into a user name
 char *uidtoname(uid_t uid)
 {
   static char name[40];
-  struct passwd_hash_table_s *pht=&passwd_hash_table;
   struct passwd *pass=NULL;
+#if 0
+  struct passwd_hash_table_s *pht=&passwd_hash_table;
 
   DEBUG(5,("uidtoname(%d)\n",uid));
-#if 0
   if (have_passwd_hash()) {
     int hash_index=pht->uids[uid_hash_function(uid)];
     while(hash_index!=-1) {

diff --git a/source/lib/util_hnd.c b/source/lib/util_hnd.c
index 408f1140dc72cf0dd1188c07399910c799c6ddce..d842310fa968adc9cbeb073c1a787dfaa743788f 100644 (file)
--- a/source/lib/util_hnd.c
+++ b/source/lib/util_hnd.c
@@ -356,11 +356,7 @@ BOOL pol_get_usr_sesskey(struct policy_cache *cache, const POLICY_HND *hnd,
        const vuser_key *key = get_policy_vuser_key(cache, hnd);
        user_struct *vuser;
 
-       if (key == NULL)
-       {
-               return False;
-       }
-       if (key->vuid == UID_FIELD_INVALID)
+       if (key == NULL || key->vuid == UID_FIELD_INVALID)
        {
                memset(usr_sess_key, 0, 16);
                return True;

diff --git a/source/rpc_client/cli_connect.c b/source/rpc_client/cli_connect.c
index 15efec7c83cbf8c3980df908f5298f3827e99498..a650ee3a14608ca64a7378fe083c677ec7833d5e 100644 (file)
--- a/source/rpc_client/cli_connect.c
+++ b/source/rpc_client/cli_connect.c
@@ -123,7 +123,6 @@ static struct cli_connection *cli_con_get(const char* srv_name,
        }
        else
        {
-#if 0
                NET_USER_INFO_3 usr;
                uid_t uid = getuid();
                gid_t gid = getgid();
@@ -136,9 +135,6 @@ static struct cli_connection *cli_con_get(const char* srv_name,
                                             uid, gid,
                                     name, name, False,
                                             &usr);
-#endif
-               con_key.pid = getpid();
-               con_key.vuid = UID_FIELD_INVALID;
        }
 
        if (srv_name != NULL)

diff --git a/source/samrd/srv_samr_usr_tdb.c b/source/samrd/srv_samr_usr_tdb.c
index c979217571b4b68671df0126143e612496499d21..496125dde04ff66a151e9091ec66c8fa2dbe8e20 100644 (file)
--- a/source/samrd/srv_samr_usr_tdb.c
+++ b/source/samrd/srv_samr_usr_tdb.c
@@ -236,6 +236,7 @@ static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT *tdb, uint32 rid,
 
        if (tdb_writelock(tdb) != 0)
        {
+               DEBUG(5,("tdb_set_userinfo_pwds: write lock failed\n"));
                return False;
        }
 
@@ -582,6 +583,7 @@ uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
                        SamOEMhash(id24->pass, user_sess_key, True);
                        if (!set_user_info_24(tdb_usr, rid, id24))
                        {
+                               DEBUG(10,("_samr_set_userinfo 0x18 failed\n"));
                                return NT_STATUS_ACCESS_DENIED;
                        }
                        break;