struct passwd *pass = NULL;
become_root();
- pass = Get_Pwnam(user_info->internal_username);
+ pass = Get_Pwnam_alloc(talloc_tos(), user_info->internal_username);
/** @todo This call assumes a ASCII password, no charset transformation is
}
}
+ TALLOC_FREE(pass);
return nt_status;
}
/* use the passwd entry as the default */
/* this will be the default if WITH_AUTOMOUNT is not used or fails */
- server_path = talloc_strdup(ctx, get_user_home_dir(user_name));
+ server_path = talloc_strdup(ctx, get_user_home_dir(ctx, user_name));
if (!server_path) {
return "";
}
{
char *b, *p, *s, *r, *a_string;
fstring pidstr, vnnstr;
- struct passwd *pass;
char addr[INET6_ADDRSTRLEN];
const char *local_machine_name = get_local_machine_name();
}
a_string = realloc_string_sub(a_string, "%U", r);
break;
- case 'G' :
+ case 'G' : {
+ struct passwd *pass;
r = SMB_STRDUP(smb_name);
if (r == NULL) {
goto error;
}
- if ((pass = Get_Pwnam(r))!=NULL) {
- a_string = realloc_string_sub(a_string, "%G", gidtoname(pass->pw_gid));
- }
+ pass = Get_Pwnam_alloc(talloc_tos(), r);
+ if (pass != NULL) {
+ a_string = realloc_string_sub(
+ a_string, "%G",
+ gidtoname(pass->pw_gid));
+ }
+ TALLOC_FREE(pass);
break;
+ }
case 'D' :
r = strdup_upper(domain_name);
if (r == NULL) {
const char *str)
{
char *a_string, *ret_string;
- char *b, *p, *s, *h;
+ char *b, *p, *s;
a_string = SMB_STRDUP(str);
if (a_string == NULL) {
case 'N' :
a_string = realloc_string_sub(a_string, "%N", automount_server(user));
break;
- case 'H':
- if ((h = get_user_home_dir(user)))
+ case 'H': {
+ char *h;
+ if ((h = get_user_home_dir(talloc_tos(), user)))
a_string = realloc_string_sub(a_string, "%H", h);
+ TALLOC_FREE(h);
break;
+ }
case 'P':
a_string = realloc_string_sub(a_string, "%P", connectpath);
break;
Get a users home directory.
****************************************************************************/
-char *get_user_home_dir(const char *user)
+char *get_user_home_dir(TALLOC_CTX *mem_ctx, const char *user)
{
- static struct passwd *pass;
+ struct passwd *pass;
+ char *result;
/* Ensure the user exists. */
- pass = Get_Pwnam(user);
+ pass = Get_Pwnam_alloc(mem_ctx, user);
if (!pass)
return(NULL);
+
/* Return home directory from struct passwd. */
- return(pass->pw_dir);
+ result = talloc_move(mem_ctx, &pass->pw_dir);
+
+ TALLOC_FREE(pass);
+ return result;
}
/****************************************************************************
* - using lp_usernamelevel() for permutations.
****************************************************************************/
-static struct passwd *Get_Pwnam_ret = NULL;
-
static struct passwd *Get_Pwnam_internals(TALLOC_CTX *mem_ctx,
const char *user, char *user2)
{
return ret;
}
-/****************************************************************************
- Get_Pwnam wrapper without modification.
- NOTE: This with NOT modify 'user'!
-****************************************************************************/
-
-struct passwd *Get_Pwnam(const char *user)
-{
- struct passwd *ret;
-
- ret = Get_Pwnam_alloc(NULL, user);
-
- /* This call used to just return the 'passwd' static buffer.
- This could then have accidental reuse implications, so
- we now malloc a copy, and free it in the next use.
-
- This should cause the (ab)user to segfault if it
- uses an old struct.
-
- This is better than useing the wrong data in security
- critical operations.
-
- The real fix is to make the callers free the returned
- malloc'ed data.
- */
-
- if (Get_Pwnam_ret) {
- TALLOC_FREE(Get_Pwnam_ret);
- }
-
- Get_Pwnam_ret = ret;
-
- return ret;
-}
-
/* The functions below have been taken from password.c and slightly modified */
/****************************************************************************
Apply a function to upper/lower case combinations
homes = lp_servicenumber(HOMES_NAME);
for (p = strtok(s, LIST_SEP); p; p = strtok(NULL, LIST_SEP)) {
- char *home = get_user_home_dir(p);
+ char *home;
if (lp_servicenumber(p) >= 0)
continue;
+ home = get_user_home_dir(talloc_tos(), p);
+
if (home && homes >= 0)
lp_add_home(p, homes, p, home);
+
+ TALLOC_FREE(home);
}
SAFE_FREE(s);
}
return True;
}
- pw = Get_Pwnam(*name);
+ pw = Get_Pwnam_alloc(talloc_tos(), *name);
if (pw == NULL) {
return False;
}
unix_id->uid = pw->pw_uid;
+ TALLOC_FREE(pw);
return True;
}
TALLOC_FREE(sam_account);
return NT_STATUS_ACCESS_DENIED;
}
- if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) {
+ passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd));
+ if (passwd == NULL) {
DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
}
TALLOC_FREE(pwd);
return NT_STATUS_ACCESS_DENIED;
}
+ TALLOC_FREE(passwd);
}
}
return False;
}
- if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) {
+ passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd));
+ if (passwd == NULL) {
DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
}
TALLOC_FREE(pwd);
return False;
}
+ TALLOC_FREE(passwd);
}
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
- pass = Get_Pwnam(username);
+ pass = Get_Pwnam_alloc(talloc_tos(), username);
if (!pass) {
DEBUG(1, ("change_oem_password: Username %s does not exist in system !?!\n", username));
return NT_STATUS_ACCESS_DENIED;
if (samr_reject_reason) {
*samr_reject_reason = REJECT_REASON_NOT_COMPLEX;
}
+ TALLOC_FREE(pass);
return NT_STATUS_PASSWORD_RESTRICTION;
}
}
if(lp_unix_password_sync() &&
!chgpasswd(username, pass, old_passwd, new_passwd, as_root)) {
+ TALLOC_FREE(pass);
return NT_STATUS_ACCESS_DENIED;
}
+ TALLOC_FREE(pass);
+
if (!pdb_set_plaintext_passwd (hnd, new_passwd)) {
return NT_STATUS_ACCESS_DENIED;
}
any incoming or new username - in order to canonicalize the name.
This is being done to de-couple the case conversions from the user mapping
function. Previously, the map_username was being called
- every time Get_Pwnam was called.
+ every time Get_Pwnam_alloc was called.
Returns True if username was changed, false otherwise.
********************************************************************/
/* check for a normal guest connection */
if (!ok && GUEST_OK(snum)) {
+ struct passwd *guest_pw;
fstring guestname;
fstrcpy(guestname,lp_guestaccount());
- if (Get_Pwnam(guestname)) {
+ guest_pw = Get_Pwnam_alloc(talloc_tos(), guestname);
+ if (guest_pw != NULL) {
fstrcpy(user,guestname);
ok = True;
DEBUG(3,("authorise_login: ACCEPTED: guest account "
DEBUG(0,("authorise_login: Invalid guest account "
"%s??\n",guestname));
}
+ TALLOC_FREE(guest_pw);
*guest = True;
}
int find_service(fstring service)
{
int iService;
+ TALLOC_CTX *frame = talloc_stackframe();
all_string_sub(service,"\\","/",0);
/* now handle the special case of a home directory */
if (iService < 0) {
- char *phome_dir = get_user_home_dir(service);
+ char *phome_dir = get_user_home_dir(talloc_tos(), service);
if(!phome_dir) {
/*
* be a Windows to unix mapped user name.
*/
if(map_username(service))
- phome_dir = get_user_home_dir(service);
+ phome_dir = get_user_home_dir(
+ talloc_tos(), service);
}
DEBUG(3,("checking for home directory %s gave %s\n",service,
if (iService < 0)
DEBUG(3,("find_service() failed to find service %s\n", service));
+ TALLOC_FREE(frame);
+
return (iService);
}
*status = NT_STATUS_WRONG_PASSWORD;
return NULL;
}
- pass = Get_Pwnam(user);
+ pass = Get_Pwnam_alloc(talloc_tos(), user);
status2 = create_token_from_username(conn->mem_ctx, pass->pw_name, True,
&conn->uid, &conn->gid,
&found_username,
&conn->nt_user_token);
+ TALLOC_FREE(pass);
if (!NT_STATUS_IS_OK(status2)) {
conn_free(conn);
*status = status2;
return NT_STATUS_NO_MEMORY;
}
- if (!(passwd = Get_Pwnam(account))) {
+ if (!(passwd = Get_Pwnam_alloc(sam_account, account))) {
/* Create appropriate user */
if (delta->acb_info & ACB_NORMAL) {
add_script = talloc_strdup(sam_account,
}
/* try and find the possible unix account again */
- if ( !(passwd = Get_Pwnam(account)) ) {
+ if ( !(passwd = Get_Pwnam_alloc(sam_account, account)) ) {
d_fprintf(stderr, "Could not create posix account info for '%s'\n", account);
nt_ret = NT_STATUS_NO_SUCH_USER;
goto done;
}
for (i = 0; ids[i]; i++) {
- struct passwd *pw;
struct group *gr;
enum lsa_SidType type;
const char *dom_name = NULL;
}
switch (type) {
- case SID_NAME_USER:
+ case SID_NAME_USER: {
+ struct passwd *pw;
/* this will find also all lower case name and use username level */
-
- pw = Get_Pwnam(name);
+
+ pw = Get_Pwnam_alloc(talloc_tos(), name);
if (pw) {
ids[i]->xid.id = pw->pw_uid;
ids[i]->xid.type = ID_TYPE_UID;
ids[i]->status = ID_MAPPED;
}
+ TALLOC_FREE(pw);
break;
+ }
case SID_NAME_DOM_GRP:
case SID_NAME_ALIAS: