* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
static TDB_CONTEXT *tdb; /* used for driver files */
-static BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
- size_t *p_num_entries, BOOL unix_only);
-static BOOL group_map_remove(const DOM_SID *sid);
+static bool enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, bool unix_only);
+static bool group_map_remove(const DOM_SID *sid);
/****************************************************************************
Open the group mapping tdb.
****************************************************************************/
-static BOOL init_group_mapping(void)
+static bool init_group_mapping(void)
{
const char *vstring = "INFO/version";
int32 vers_id;
if (tdb)
return True;
- tdb = tdb_open_log(lock_path("group_mapping.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
+ tdb = tdb_open_log(state_path("group_mapping.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
if (!tdb) {
DEBUG(0,("Failed to open group mapping database\n"));
return False;
/****************************************************************************
****************************************************************************/
-static BOOL add_mapping_entry(GROUP_MAP *map, int flag)
+static bool add_mapping_entry(GROUP_MAP *map, int flag)
{
TDB_DATA dbuf;
- pstring key, buf;
+ char *key = NULL;
+ char *buf = NULL;
fstring string_sid="";
int len;
+ bool ret;
sid_to_string(string_sid, &map->sid);
- len = tdb_pack((uint8 *)buf, sizeof(buf), "ddff",
- map->gid, map->sid_name_use, map->nt_name, map->comment);
-
- if (len > sizeof(buf))
- return False;
+ len = tdb_pack(NULL, sizeof(buf), "ddff",
+ map->gid, map->sid_name_use, map->nt_name, map->comment);
+ if (len) {
+ buf = SMB_MALLOC_ARRAY(char, len);
+ if (!buf) {
+ return false;
+ }
+ len = tdb_pack((uint8 *)buf, sizeof(buf), "ddff", map->gid,
+ map->sid_name_use, map->nt_name, map->comment);
+ }
- slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", GROUP_PREFIX, string_sid) < 0) {
+ SAFE_FREE(buf);
+ return false;
+ }
dbuf.dsize = len;
dbuf.dptr = (uint8 *)buf;
- if (tdb_store_bystring(tdb, key, dbuf, flag) != 0) return False;
- return True;
+ ret = (tdb_store_bystring(tdb, key, dbuf, flag) == 0);
+
+ SAFE_FREE(key);
+ SAFE_FREE(buf);
+ return ret;
}
Return the sid and the type of the unix group.
****************************************************************************/
-static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
+static bool get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
{
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring string_sid;
int ret = 0;
-
+
/* the key is the SID, retrieving is direct */
sid_to_string(string_sid, &sid);
- slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", GROUP_PREFIX, string_sid) < 0) {
+ return false;
+ }
dbuf = tdb_fetch_bystring(tdb, key);
- if (!dbuf.dptr)
- return False;
+ if (!dbuf.dptr) {
+ SAFE_FREE(key);
+ return false;
+ }
+
+ SAFE_FREE(key);
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
- &map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
+ &map->gid, &map->sid_name_use,
+ &map->nt_name, &map->comment);
SAFE_FREE(dbuf.dptr);
-
+
if ( ret == -1 ) {
DEBUG(3,("get_group_map_from_sid: tdb_unpack failure\n"));
return False;
}
sid_copy(&map->sid, &sid);
-
+
return True;
}
Return the sid and the type of the unix group.
****************************************************************************/
-static BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
+static bool get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
{
TDB_DATA kbuf, dbuf, newkey;
fstring string_sid;
/* we need to enumerate the TDB to find the GID */
- for (kbuf = tdb_firstkey(tdb);
- kbuf.dptr;
+ for (kbuf = tdb_firstkey(tdb);
+ kbuf.dptr;
newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
if (strncmp((const char *)kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue;
-
+
dbuf = tdb_fetch(tdb, kbuf);
if (!dbuf.dptr)
continue;
fstrcpy(string_sid, (const char *)kbuf.dptr+strlen(GROUP_PREFIX));
string_to_sid(&map->sid, string_sid);
-
+
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
&map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
DEBUG(3,("get_group_map_from_gid: tdb_unpack failure\n"));
return False;
}
-
+
if (gid==map->gid) {
SAFE_FREE(kbuf.dptr);
return True;
Return the sid and the type of the unix group.
****************************************************************************/
-static BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map)
+static bool get_group_map_from_ntname(const char *name, GROUP_MAP *map)
{
TDB_DATA kbuf, dbuf, newkey;
fstring string_sid;
/* we need to enumerate the TDB to find the name */
- for (kbuf = tdb_firstkey(tdb);
- kbuf.dptr;
+ for (kbuf = tdb_firstkey(tdb);
+ kbuf.dptr;
newkey = tdb_nextkey(tdb, kbuf), safe_free(kbuf.dptr), kbuf=newkey) {
if (strncmp((const char *)kbuf.dptr, GROUP_PREFIX, strlen(GROUP_PREFIX)) != 0) continue;
-
+
dbuf = tdb_fetch(tdb, kbuf);
if (!dbuf.dptr)
continue;
fstrcpy(string_sid, (const char *)kbuf.dptr+strlen(GROUP_PREFIX));
string_to_sid(&map->sid, string_sid);
-
+
ret = tdb_unpack(dbuf.dptr, dbuf.dsize, "ddff",
&map->gid, &map->sid_name_use, &map->nt_name, &map->comment);
SAFE_FREE(dbuf.dptr);
-
+
if ( ret == -1 ) {
DEBUG(3,("get_group_map_from_ntname: tdb_unpack failure\n"));
return False;
Remove a group mapping entry.
****************************************************************************/
-static BOOL group_map_remove(const DOM_SID *sid)
+static bool group_map_remove(const DOM_SID *sid)
{
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring string_sid;
-
+ bool ret;
+
/* the key is the SID, retrieving is direct */
sid_to_string(string_sid, sid);
- slprintf(key, sizeof(key), "%s%s", GROUP_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", GROUP_PREFIX, string_sid) < 0) {
+ return false;
+ }
dbuf = tdb_fetch_bystring(tdb, key);
- if (!dbuf.dptr)
- return False;
-
- SAFE_FREE(dbuf.dptr);
+ if (!dbuf.dptr) {
+ SAFE_FREE(key);
+ return false;
+ }
- if(tdb_delete_bystring(tdb, key) != TDB_SUCCESS)
- return False;
+ SAFE_FREE(dbuf.dptr);
- return True;
+ ret = (tdb_delete_bystring(tdb, key) == TDB_SUCCESS);
+ SAFE_FREE(key);
+ return ret;
}
/****************************************************************************
Enumerate the group mapping.
****************************************************************************/
-static BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
- size_t *p_num_entries, BOOL unix_only)
+static bool enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, bool unix_only)
{
TDB_DATA kbuf, dbuf, newkey;
fstring string_sid;
/* Only check the domain if we were given one */
if ( domsid && !sid_equal( domsid, &grpsid ) ) {
- DEBUG(11,("enum_group_mapping: group %s is not in domain %s\n",
- string_sid, sid_string_static(domsid)));
+ DEBUG(11,("enum_group_mapping: group %s is not in "
+ "domain %s\n", string_sid,
+ sid_string_dbg(domsid)));
continue;
}
static NTSTATUS one_alias_membership(const DOM_SID *member,
DOM_SID **sids, size_t *num)
{
- fstring key, string_sid;
+ fstring key;
+ char *string_sid;
TDB_DATA dbuf;
const char *p;
+ TALLOC_CTX *frame;
- sid_to_string(string_sid, member);
- slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, string_sid);
+ slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX,
+ sid_string_static(member));
dbuf = tdb_fetch_bystring(tdb, key);
}
p = (const char *)dbuf.dptr;
-
- while (next_token(&p, string_sid, " ", sizeof(string_sid))) {
-
+ frame = talloc_stackframe();
+ while (next_token_talloc(frame, &p, &string_sid, " ")) {
DOM_SID alias;
if (!string_to_sid(&alias, string_sid))
continue;
if (!add_sid_to_array_unique(NULL, &alias, sids, num)) {
+ TALLOC_FREE(frame);
return NT_STATUS_NO_MEMORY;
}
}
+ TALLOC_FREE(frame);
SAFE_FREE(dbuf.dptr);
return NT_STATUS_OK;
}
return NT_STATUS_OK;
}
-static BOOL is_aliasmem(const DOM_SID *alias, const DOM_SID *member)
+static bool is_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
DOM_SID *sids;
size_t i, num;
{
GROUP_MAP map;
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring string_sid;
char *new_memberstring;
int result;
return NT_STATUS_MEMBER_IN_ALIAS;
sid_to_string(string_sid, member);
- slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, string_sid);
+ if (asprintf(&key, "%s%s", MEMBEROF_PREFIX, string_sid) < 0) {
+ return NT_STATUS_NO_MEMORY;
+ }
dbuf = tdb_fetch_bystring(tdb, key);
new_memberstring = SMB_STRDUP(string_sid);
}
- if (new_memberstring == NULL)
+ if (new_memberstring == NULL) {
+ SAFE_FREE(key);
return NT_STATUS_NO_MEMORY;
+ }
SAFE_FREE(dbuf.dptr);
dbuf = string_term_tdb_data(new_memberstring);
result = tdb_store_bystring(tdb, key, dbuf, 0);
SAFE_FREE(new_memberstring);
+ SAFE_FREE(key);
return (result == 0 ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED);
}
{
struct aliasmem_closure *closure = (struct aliasmem_closure *)state;
const char *p;
- fstring alias_string;
+ char *alias_string;
+ TALLOC_CTX *frame;
if (strncmp((const char *)key.dptr, MEMBEROF_PREFIX,
strlen(MEMBEROF_PREFIX)) != 0)
p = (const char *)data.dptr;
- while (next_token(&p, alias_string, " ", sizeof(alias_string))) {
-
+ frame = talloc_stackframe();
+ while (next_token_talloc(frame, &p, &alias_string, " ")) {
DOM_SID alias, member;
const char *member_string;
-
if (!string_to_sid(&alias, alias_string))
continue;
if (!string_to_sid(&member, member_string))
continue;
-
+
if (!add_sid_to_array(NULL, &member, closure->sids, closure->num)) {
/* talloc fail. */
break;
}
}
+ TALLOC_FREE(frame);
return 0;
}
NTSTATUS result;
DOM_SID *sids;
size_t i, num;
- BOOL found = False;
+ bool found = False;
char *member_string;
TDB_DATA dbuf;
- pstring key;
+ char *key = NULL;
fstring sid_string;
result = alias_memberships(member, 1, &sids, &num);
num -= 1;
sid_to_string(sid_string, member);
- slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, sid_string);
+ if (asprintf(&key, "%s%s", MEMBEROF_PREFIX, sid_string) < 0) {
+ TALLOC_FREE(sids);
+ return NT_STATUS_NO_MEMORY;
+ }
- if (num == 0)
- return tdb_delete_bystring(tdb, key) == 0 ?
- NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+ if (num == 0) {
+ NTSTATUS ret = (tdb_delete_bystring(tdb, key) == 0 ?
+ NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL);
+ TALLOC_FREE(sids);
+ SAFE_FREE(key);
+ return ret;
+ }
member_string = SMB_STRDUP("");
if (member_string == NULL) {
TALLOC_FREE(sids);
+ SAFE_FREE(key);
return NT_STATUS_NO_MEMORY;
}
SAFE_FREE(s);
if (member_string == NULL) {
TALLOC_FREE(sids);
+ SAFE_FREE(key);
return NT_STATUS_NO_MEMORY;
}
}
TALLOC_FREE(sids);
SAFE_FREE(member_string);
+ SAFE_FREE(key);
return result;
}