diff options
author | Jeremy Allison <jra@samba.org> | 2002-12-11 23:54:40 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2002-12-11 23:54:40 +0000 |
commit | ec4ed45563f9d8e25fcfd88840944a90b3139c3e (patch) | |
tree | d64c3cac0e88f8c79ca2e91ab8010393c01259e7 /source | |
parent | e258887f508db3d2c923f393f0104e7cf1bd6545 (diff) | |
download | samba-ec4ed45563f9d8e25fcfd88840944a90b3139c3e.tar.gz samba-ec4ed45563f9d8e25fcfd88840944a90b3139c3e.tar.xz samba-ec4ed45563f9d8e25fcfd88840944a90b3139c3e.zip |
Fixed auth module code. Added VALGRIND defines to reduce spurious warnings.
Jeremy.
Diffstat (limited to 'source')
-rw-r--r-- | source/auth/auth.c | 99 | ||||
-rw-r--r-- | source/auth/auth_builtin.c | 27 | ||||
-rw-r--r-- | source/include/includes.h | 4 | ||||
-rw-r--r-- | source/lib/util.c | 2 | ||||
-rw-r--r-- | source/lib/util_str.c | 11 | ||||
-rw-r--r-- | source/smbd/process.c | 1 | ||||
-rw-r--r-- | source/tdb/tdbbackup.c | 10 |
7 files changed, 85 insertions, 69 deletions
diff --git a/source/auth/auth.c b/source/auth/auth.c index 232d401a240..d730e39f444 100644 --- a/source/auth/auth.c +++ b/source/auth/auth.c @@ -61,8 +61,7 @@ static const uint8 *get_ntlm_challenge(struct auth_context *auth_context) return auth_context->challenge.data; } - for (auth_method = auth_context->auth_method_list; auth_method; auth_method = auth_method->next) - { + for (auth_method = auth_context->auth_method_list; auth_method; auth_method = auth_method->next) { if (auth_method->get_chal == NULL) { DEBUG(5, ("auth_get_challenge: module %s did not want to specify a challenge\n", auth_method->name)); continue; @@ -183,18 +182,18 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, auth_methods *auth_method; TALLOC_CTX *mem_ctx; - if (!user_info || !auth_context || !server_info) { + if (!user_info || !auth_context || !server_info) return NT_STATUS_LOGON_FAILURE; - } - DEBUG(3, ("check_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n", + DEBUG(3, ("check_ntlm_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n", user_info->client_domain.str, user_info->smb_name.str, user_info->wksta_name.str)); - DEBUG(3, ("check_password: mapped user is: [%s]\\[%s]@[%s]\n", + DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n", user_info->domain.str, user_info->internal_username.str, user_info->wksta_name.str)); - if (auth_context->challenge_set_by) { - DEBUG(10, ("auth_context challenge created by %s\n", auth_context->challenge_set_by)); - } + if (auth_context->challenge_set_by) + DEBUG(10, ("check_ntlm_password: auth_context challenge created by %s\n", + auth_context->challenge_set_by)); + DEBUG(10, ("challenge is: \n")); dump_data(5, auth_context->challenge.data, auth_context->challenge.length); @@ -208,37 +207,33 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, #endif /* This needs to be sorted: If it doesn't match, what should we do? */ - if (!check_domain_match(user_info->smb_name.str, user_info->domain.str)) { + if (!check_domain_match(user_info->smb_name.str, user_info->domain.str)) return NT_STATUS_LOGON_FAILURE; - } - for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) - { + for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) { mem_ctx = talloc_init_named("%s authentication for user %s\\%s", auth_method->name, user_info->domain.str, user_info->smb_name.str); nt_status = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info); if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(3, ("check_password: %s authentication for user [%s] suceeded\n", + DEBUG(3, ("check_ntlm_password: %s authentication for user [%s] suceeded\n", auth_method->name, user_info->smb_name.str)); } else { - DEBUG(5, ("check_password: %s authentication for user [%s] FAILED with error %s\n", + DEBUG(5, ("check_ntlm_password: %s authentication for user [%s] FAILED with error %s\n", auth_method->name, user_info->smb_name.str, nt_errstr(nt_status))); } talloc_destroy(mem_ctx); - if (NT_STATUS_IS_OK(nt_status)) { + if (NT_STATUS_IS_OK(nt_status)) break; - } } /* This is one of the few places the *relies* (rather than just sets defaults on the value of lp_security(). This needs to change. A new paramater perhaps? */ - if (lp_security() >= SEC_SERVER) { + if (lp_security() >= SEC_SERVER) smb_user_control(user_info, *server_info, nt_status); - } if (NT_STATUS_IS_OK(nt_status)) { pdb_username = pdb_get_username((*server_info)->sam_account); @@ -249,17 +244,17 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, unbecome_root(); if (NT_STATUS_IS_OK(nt_status)) { - DEBUG(5, ("check_password: PAM Account for user [%s] suceeded\n", + DEBUG(5, ("check_ntlm_password: PAM Account for user [%s] suceeded\n", pdb_username)); } else { - DEBUG(3, ("check_password: PAM Account for user [%s] FAILED with error %s\n", + DEBUG(3, ("check_ntlm_password: PAM Account for user [%s] FAILED with error %s\n", pdb_username, nt_errstr(nt_status))); } } if (NT_STATUS_IS_OK(nt_status)) { DEBUG((*server_info)->guest ? 5 : 2, - ("check_password: %sauthentication for user [%s] -> [%s] -> [%s] suceeded\n", + ("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] suceeded\n", (*server_info)->guest ? "guest " : "", user_info->smb_name.str, user_info->internal_username.str, @@ -268,7 +263,7 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, } if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(2, ("check_password: Authentication for user [%s] -> [%s] FAILED with error %s\n", + DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n", user_info->smb_name.str, user_info->internal_username.str, nt_errstr(nt_status))); ZERO_STRUCTP(server_info); @@ -282,9 +277,8 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, static void free_auth_context(struct auth_context **auth_context) { - if (*auth_context != NULL) { + if (*auth_context != NULL) talloc_destroy((*auth_context)->mem_ctx); - } *auth_context = NULL; } @@ -327,48 +321,43 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, NTSTATUS nt_status; if (!text_list) { - DEBUG(2,("No auth method list!?\n")); + DEBUG(2,("make_auth_context_text_list: No auth method list!?\n")); return NT_STATUS_UNSUCCESSFUL; } - if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context))) { + if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context))) return nt_status; - } - for (;*text_list; text_list++) - { - DEBUG(5,("Attempting to find an auth method to match %s\n", *text_list)); - for (i = 0; builtin_auth_init_functions[i].name; i++) - { - if (strequal(builtin_auth_init_functions[i].name, *text_list)) - { - - char *module_name = smb_xstrdup(*text_list); - char *module_params = NULL; - char *p; - - p = strchr(module_name, ':'); - - if (p) { - *p = 0; - - module_params = p+1; - - trim_string(module_params, " ", " "); - } - - trim_string(module_name, " ", " "); + for (;*text_list; text_list++) { + DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n", + *text_list)); + for (i = 0; builtin_auth_init_functions[i].name; i++) { + char *module_name = smb_xstrdup(*text_list); + char *module_params = NULL; + char *p; + + p = strchr(module_name, ':'); + if (p) { + *p = 0; + module_params = p+1; + trim_string(module_params, " ", " "); + } + + trim_string(module_name, " ", " "); - DEBUG(5,("Found auth method %s (at pos %d)\n", *text_list, i)); + if (strequal(builtin_auth_init_functions[i].name, module_name)) { + DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i)); if (NT_STATUS_IS_OK(builtin_auth_init_functions[i].init(*auth_context, module_params, &t))) { - DEBUG(5,("auth method %s has a valid init\n", *text_list)); + DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n", + *text_list)); DLIST_ADD_END(list, t, tmp); } else { - DEBUG(0,("auth method %s did not correctly init\n", *text_list)); + DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n", + *text_list)); } - SAFE_FREE(module_name); break; } + SAFE_FREE(module_name); } } diff --git a/source/auth/auth_builtin.c b/source/auth/auth_builtin.c index f55f662a408..32f39311dc8 100644 --- a/source/auth/auth_builtin.c +++ b/source/auth/auth_builtin.c @@ -49,11 +49,11 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context, } /* Guest modules initialisation */ + NTSTATUS auth_init_guest(struct auth_context *auth_context, const char *options, auth_methods **auth_method) { - if (!make_auth_methods(auth_context, auth_method)) { + if (!make_auth_methods(auth_context, auth_method)) return NT_STATUS_NO_MEMORY; - } (*auth_method)->auth = check_guest_security; (*auth_method)->name = "guest"; @@ -92,7 +92,7 @@ static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_ strlower(user); error_num = strtoul(user, NULL, 16); - DEBUG(5,("Error for user %s was %lx\n", user, error_num)); + DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num)); nt_status = NT_STATUS(error_num); @@ -100,11 +100,11 @@ static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_ } /** Module initailisation function */ + NTSTATUS auth_init_name_to_ntstatus(struct auth_context *auth_context, const char *param, auth_methods **auth_method) { - if (!make_auth_methods(auth_context, auth_method)) { + if (!make_auth_methods(auth_context, auth_method)) return NT_STATUS_NO_MEMORY; - } (*auth_method)->auth = check_name_to_ntstatus_security; (*auth_method)->name = "name_to_ntstatus"; @@ -149,11 +149,11 @@ static DATA_BLOB auth_get_fixed_challenge(const struct auth_context *auth_contex /** Module initailisation function */ + NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char *param, auth_methods **auth_method) { - if (!make_auth_methods(auth_context, auth_method)) { + if (!make_auth_methods(auth_context, auth_method)) return NT_STATUS_NO_MEMORY; - } (*auth_method)->auth = check_fixed_challenge_security; (*auth_method)->get_chal = auth_get_fixed_challenge; @@ -168,6 +168,7 @@ NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char **/ /* Plugin modules initialisation */ + NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_methods **auth_method) { void * dl_handle; @@ -175,7 +176,7 @@ NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_init_function plugin_init; if (param == NULL) { - DEBUG(0, ("The plugin module needs an argument!\n")); + DEBUG(0, ("auth_init_plugin: The plugin module needs an argument!\n")); return NT_STATUS_UNSUCCESSFUL; } @@ -189,21 +190,21 @@ NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, trim_string(plugin_name, " ", " "); - DEBUG(5, ("Trying to load auth plugin %s\n", plugin_name)); + DEBUG(5, ("auth_init_plugin: Trying to load auth plugin %s\n", plugin_name)); dl_handle = sys_dlopen(plugin_name, RTLD_NOW ); if (!dl_handle) { - DEBUG(0, ("Failed to load auth plugin %s using sys_dlopen (%s)\n", plugin_name, sys_dlerror())); + DEBUG(0, ("auth_init_plugin: Failed to load auth plugin %s using sys_dlopen (%s)\n", + plugin_name, sys_dlerror())); return NT_STATUS_UNSUCCESSFUL; } plugin_init = sys_dlsym(dl_handle, "auth_init"); if (!plugin_init){ - DEBUG(0, ("Failed to find function 'pdb_init' using sys_dlsym in sam plugin %s (%s)\n", plugin_name, sys_dlerror())); + DEBUG(0, ("Failed to find function 'auth_init' using sys_dlsym in sam plugin %s (%s)\n", + plugin_name, sys_dlerror())); return NT_STATUS_UNSUCCESSFUL; } DEBUG(5, ("Starting sam plugin %s with paramater %s\n", plugin_name, plugin_param?plugin_param:"(null)")); return plugin_init(auth_context, plugin_param, auth_method); } - - diff --git a/source/include/includes.h b/source/include/includes.h index 87b7e02cbf8..b7aa7004795 100644 --- a/source/include/includes.h +++ b/source/include/includes.h @@ -1173,5 +1173,9 @@ int asprintf(char **,const char *, ...) PRINTF_ATTRIBUTE(2,3); time_t timegm(struct tm *tm); #endif +#if defined(VALGRIND) +#define strlen(x) valgrind_strlen(x) +#endif + #endif /* _INCLUDES_H */ diff --git a/source/lib/util.c b/source/lib/util.c index a83e17c661f..0adfe34032d 100644 --- a/source/lib/util.c +++ b/source/lib/util.c @@ -710,6 +710,7 @@ void make_dir_struct(char *buf,char *mask,char *fname,SMB_OFF_T size,int mode,ti void close_low_fds(BOOL stderr_too) { +#ifndef VALGRIND int fd; int i; @@ -737,6 +738,7 @@ void close_low_fds(BOOL stderr_too) return; } } +#endif } /**************************************************************************** diff --git a/source/lib/util_str.c b/source/lib/util_str.c index 32efee1536a..f3fa89b05f3 100644 --- a/source/lib/util_str.c +++ b/source/lib/util_str.c @@ -1366,3 +1366,14 @@ BOOL str_list_substitute(char **list, const char *pattern, const char *insert) return True; } + +#ifdef VALGRIND +size_t valgrind_strlen(const char *s) +{ + size_t count; + for(count = 0; *s++; count++) + ; + return count; +} +#endif + diff --git a/source/smbd/process.c b/source/smbd/process.c index 3b0619b7d0e..923b20ad66b 100644 --- a/source/smbd/process.c +++ b/source/smbd/process.c @@ -1140,7 +1140,6 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t { unsigned char trust_passwd_hash[16]; time_t lct; - pstring remote_machine_list; /* * We're in domain level security, and the code that diff --git a/source/tdb/tdbbackup.c b/source/tdb/tdbbackup.c index 36ba7db9188..7b344de6c45 100644 --- a/source/tdb/tdbbackup.c +++ b/source/tdb/tdbbackup.c @@ -303,3 +303,13 @@ static void usage(void) return ret; } + +#ifdef VALGRIND +size_t valgrind_strlen(const char *s) +{ + size_t count; + for(count = 0; *s++; count++) + ; + return count; +} +#endif |