From: Volker Lendecke Date: Thu, 1 Jul 2010 14:31:30 +0000 (+0200) Subject: v3-4-ctdb: Re-arrange winbindd_ads.c:query_user X-Git-Url: http://git.samba.org/?p=metze%2Fsamba%2Fwip.git;a=commitdiff_plain;h=ed4805e43ad0a0da8e91a3c3b87048392e18ce65 v3-4-ctdb: Re-arrange winbindd_ads.c:query_user We can't access the LDAP message after nss_get_info_cached has potentially destroyed the ads_struct --- diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 07510cb58501..03924eccb751 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -463,6 +463,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain, uint32 group_rid; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; struct netr_SamInfo3 *user = NULL; + char *ads_name; DEBUG(3,("ads: query_user\n")); @@ -535,6 +536,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain, if (!ADS_ERR_OK(rc) || !msg) { DEBUG(1,("query_user(sid=%s) ads_search: %s\n", sid_string_dbg(sid), ads_errstr(rc))); + ads_msgfree(ads, msg); goto done; } @@ -542,11 +544,33 @@ static NTSTATUS query_user(struct winbindd_domain *domain, if (count != 1) { DEBUG(1,("query_user(sid=%s): Not found\n", sid_string_dbg(sid))); + ads_msgfree(ads, msg); goto done; } info->acct_name = ads_pull_username(ads, mem_ctx, msg); + if (!ads_pull_uint32(ads, msg, "primaryGroupID", &group_rid)) { + DEBUG(1,("No primary group for %s !?\n", + sid_string_dbg(sid))); + ads_msgfree(ads, msg); + goto done; + } + + sid_copy(&info->user_sid, sid); + sid_compose(&info->group_sid, &domain->sid, group_rid); + + /* + * We have to fetch the "name" attribute before doing the + * nss_get_info_cached call. nss_get_info_cached might destroy + * the ads struct, potentially invalidating the ldap message. + */ + + ads_name = ads_pull_string(ads, mem_ctx, msg, "name"); + + ads_msgfree(ads, msg); + msg = NULL; + status = nss_get_info_cached( domain, sid, mem_ctx, ads, msg, &info->homedir, &info->shell, &info->full_name, &info->primary_gid ); @@ -557,35 +581,15 @@ static NTSTATUS query_user(struct winbindd_domain *domain, } if (info->full_name == NULL) { - info->full_name = ads_pull_string(ads, mem_ctx, msg, "name"); - } - - /* - * We have to re-fetch ads from the domain, - * nss_get_info_cached might have invalidated it. - */ - ads = ads_cached_connection(domain); - if (ads == NULL) { - domain->last_status = NT_STATUS_SERVER_DISABLED; - goto done; - } - - if (!ads_pull_uint32(ads, msg, "primaryGroupID", &group_rid)) { - DEBUG(1,("No primary group for %s !?\n", - sid_string_dbg(sid))); - goto done; + info->full_name = ads_name; + } else { + TALLOC_FREE(ads_name); } - sid_copy(&info->user_sid, sid); - sid_compose(&info->group_sid, &domain->sid, group_rid); - status = NT_STATUS_OK; DEBUG(3,("ads query_user gave %s\n", info->acct_name)); done: - if (msg) - ads_msgfree(ads, msg); - return status; }