diff options
author | Gerald Carter <jerry@samba.org> | 2006-08-29 15:59:01 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2006-08-29 15:59:01 +0000 |
commit | 7d7b83d9978e85253e67818979dd3a57ec9bbc7d (patch) | |
tree | 8bbc509e47cb5bbc5d222d4c2e46e35f66594638 /source | |
parent | 09c3ecbb164cef97a190807b34b070b70d7113cb (diff) | |
download | samba-7d7b83d9978e85253e67818979dd3a57ec9bbc7d.tar.gz samba-7d7b83d9978e85253e67818979dd3a57ec9bbc7d.tar.xz samba-7d7b83d9978e85253e67818979dd3a57ec9bbc7d.zip |
r17911: Mgeres from SAMBA_3_0_23:
* DNS SRV fixes
* fd leak fix in async dns lookup code (nmbd)
* krb5 sesssetup double username map fix
* NULL deref fix in reg_objects.c
Diffstat (limited to 'source')
-rw-r--r-- | source/include/ads_dns.h | 4 | ||||
-rw-r--r-- | source/libads/dns.c | 32 | ||||
-rw-r--r-- | source/nmbd/asyncdns.c | 1 | ||||
-rw-r--r-- | source/registry/reg_objects.c | 5 | ||||
-rw-r--r-- | source/smbd/sesssetup.c | 6 |
5 files changed, 44 insertions, 4 deletions
diff --git a/source/include/ads_dns.h b/source/include/ads_dns.h index 9b65db0c8e4..fed886523f1 100644 --- a/source/include/ads_dns.h +++ b/source/include/ads_dns.h @@ -47,7 +47,9 @@ struct dns_rr_srv { uint16 priority; uint16 weight; uint16 port; - struct in_addr ip; + size_t num_ips; + struct in_addr *ips; /* support multi-homed hosts */ + }; diff --git a/source/libads/dns.c b/source/libads/dns.c index 7dd877ea76d..23c76213cf4 100644 --- a/source/libads/dns.c +++ b/source/libads/dns.c @@ -334,14 +334,42 @@ NTSTATUS ads_dns_lookup_srv( TALLOC_CTX *ctx, const char *name, struct dns_rr_sr } /* only interested in A records as a shortcut for having to come - back later and lookup the name */ + back later and lookup the name. For multi-homed hosts, the + number of additional records and exceed the number of answer + records. */ + if ( (rr.type != T_A) || (rr.rdatalen != 4) ) continue; for ( i=0; i<idx; i++ ) { if ( strcmp( rr.hostname, dcs[i].hostname ) == 0 ) { - uint8 *buf = (uint8*)&dcs[i].ip.s_addr; + int num_ips = dcs[i].num_ips; + uint8 *buf; + struct in_addr *tmp_ips; + + /* allocate new memory */ + + if ( dcs[i].num_ips == 0 ) { + if ( (dcs[i].ips = TALLOC_ARRAY( dcs, + struct in_addr, 1 )) == NULL ) + { + return NT_STATUS_NO_MEMORY; + } + } else { + if ( (tmp_ips = TALLOC_REALLOC_ARRAY( dcs, dcs[i].ips, + struct in_addr, dcs[i].num_ips+1)) == NULL ) + { + return NT_STATUS_NO_MEMORY; + } + + dcs[i].ips = tmp_ips; + } + dcs[i].num_ips++; + + /* copy the new IP address */ + + buf = (uint8*)&dcs[i].ips[num_ips].s_addr; memcpy( buf, rr.rdata, 4 ); } } diff --git a/source/nmbd/asyncdns.c b/source/nmbd/asyncdns.c index c8caa3fee29..0c7a1e50b78 100644 --- a/source/nmbd/asyncdns.c +++ b/source/nmbd/asyncdns.c @@ -205,6 +205,7 @@ void run_dns_queue(void) if (!process_exists_by_pid(child_pid)) { close(fd_in); + close(fd_out); start_async_dns(); } diff --git a/source/registry/reg_objects.c b/source/registry/reg_objects.c index 33c2660331b..ecad94f1d6c 100644 --- a/source/registry/reg_objects.c +++ b/source/registry/reg_objects.c @@ -109,6 +109,10 @@ BOOL regsubkey_ctr_key_exists( REGSUBKEY_CTR *ctr, const char *keyname ) { int i; + if (!ctr->subkeys) { + return False; + } + for ( i=0; i<ctr->num_subkeys; i++ ) { if ( strequal( ctr->subkeys[i],keyname ) ) return True; @@ -181,6 +185,7 @@ REGISTRY_VALUE* dup_registry_value( REGISTRY_VALUE *val ) DEBUG(0,("dup_registry_value: memdup() failed for [%d] bytes!\n", val->size)); SAFE_FREE( copy ); + return NULL; } copy->size = val->size; } diff --git a/source/smbd/sesssetup.c b/source/smbd/sesssetup.c index fb579707cae..dd8d9fc8525 100644 --- a/source/smbd/sesssetup.c +++ b/source/smbd/sesssetup.c @@ -320,10 +320,14 @@ static int reply_spnego_kerberos(connection_struct *conn, sub_set_smb_name( real_username ); reload_services(True); + if ( map_domainuser_to_guest ) { make_server_info_guest(&server_info); } else if (logon_info) { - ret = make_server_info_info3(mem_ctx, real_username, domain, + /* pass the unmapped username here since map_username() + will be called again from inside make_server_info_info3() */ + + ret = make_server_info_info3(mem_ctx, user, domain, &server_info, &logon_info->info3); if ( !NT_STATUS_IS_OK(ret) ) { DEBUG(1,("make_server_info_info3 failed: %s!\n", |