authorLuke Leighton <lkcl@samba.org>2000-04-09 13:53:41 +0000
committerLuke Leighton <lkcl@samba.org>2000-04-09 13:53:41 +0000
commitc97a86daa5d9e26b8f87d4d211a254f910af375b (patch)
treeb77f5f53b4b4ead4a25910d852b879e5fc9f4583
parentc10eca8d72a27e8fa996554a78780cc6515bba1d (diff)
downloadsamba-c97a86daa5d9e26b8f87d4d211a254f910af375b.tar.gz
groups being a pain, had to copy them.
also, the usual corruption on trust account password change...
-rw-r--r--source/lib/set_uid.c64
-rw-r--r--source/lib/util_hnd.c132
-rw-r--r--source/lsarpcd/lsarpcd.c10
-rw-r--r--source/msrpc/msrpcd.c3
-rw-r--r--source/msrpc/msrpcd_process.c4
-rw-r--r--source/rpc_client/msrpc_lsarpc.c6
-rw-r--r--source/samrd/srv_samr_sam_tdb.c1
7 files changed, 137 insertions, 83 deletions
diff --git a/source/lib/set_uid.c b/source/lib/set_uid.c
index 3533b0ce29f..0b2f48103a5 100644
--- a/source/lib/set_uid.c
+++ b/source/lib/set_uid.c
@@ -124,6 +124,8 @@ BOOL become_gid(gid_t gid)
****************************************************************************/
BOOL unbecome_to_initial_uid(void)
{
+ DEBUG(10,("unbecome_to_initial_uid: %d\n", __LINE__));
+
if (!current_user.conn)
return (False);
@@ -178,10 +180,11 @@ BOOL become_unix_sec_ctx(const vuser_key * k, connection_struct * conn,
gid_t gid;
uid_t uid;
- DEBUG(5, ("become_unix_sec_ctx: %d %d\n", new_uid, new_gid));
if (become_root_depth != 0x0)
{
- DEBUG(0,("become_unix_sec_ctx %d %d: non-zero become_root_depth\n", new_uid, new_gid));
+ DEBUG(0,
+ ("become_unix_sec_ctx %d %d: non-zero become_root_depth\n",
+ new_uid, new_gid));
SMB_ASSERT(False);
}
@@ -195,6 +198,26 @@ BOOL become_unix_sec_ctx(const vuser_key * k, connection_struct * conn,
unbecome_to_initial_uid();
+ safe_free(current_user.groups);
+
+ if (n_groups != 0 && groups != NULL)
+ {
+ int i;
+ gid_t *groups_copy = g_new(gid_t, n_groups);
+ if (groups_copy == NULL)
+ {
+ return False;
+ }
+ for (i = 0; i < n_groups; i++)
+ {
+ groups_copy[i] = groups[i];
+ }
+ groups = groups_copy;
+ }
+
+ DEBUG(5, ("become_unix_sec_ctx: %d %d %d %p\n", new_uid, new_gid,
+ n_groups, groups));
+
uid = new_uid;
gid = new_gid;
current_user.ngroups = n_groups;
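Review bot: The early `return False` when `g_new` fails leaves `current_user.groups` pointing at the block that the added `safe_free(current_user.groups)` has just released, so any later free or read of that field touches freed memory. Clearing the field at the free site closes that window: `current_user.groups = NULL; current_user.ngroups = 0;` directly after the `safe_free`. The copy is also skipped when `n_groups != 0` but `groups == NULL`, yet `n_groups` is still stored in `current_user.ngroups` and the logging loop further down in this function indexes `groups[i]`; rejecting that combination before the free would be safer. become_unix_sec_ctx() starts and continues outside this hunk, so the point where `current_user.groups` is finally assigned is not visible here.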
@@ -210,7 +233,7 @@ BOOL become_unix_sec_ctx(const vuser_key * k, connection_struct * conn,
if (current_user.ngroups > 0)
{
if (sys_setgroups(current_user.ngroups,
- current_user.groups) < 0)
+ current_user.groups) < 0)
{
DEBUG(0, ("sys_setgroups call failed!\n"));
}
@@ -218,7 +241,8 @@ BOOL become_unix_sec_ctx(const vuser_key * k, connection_struct * conn,
}
{
int i;
- DEBUG(3, ("Setting %d in %d groups: ", (int)new_uid, n_groups));
+ DEBUG(3,
+ ("Setting %d in %d groups: ", (int)new_uid, n_groups));
for (i = 0; i < n_groups; i++)
{
DEBUG(3, ("%s%d", (i ? ", " : ""), (int)groups[i]));
@@ -257,6 +281,8 @@ BOOL become_guest(void)
BOOL ret;
const struct passwd *pass = NULL;
+ DEBUG(10, ("become_guest\n"));
+
if (!pass)
pass = Get_Pwnam(lp_guestaccount(-1), True);
if (!pass)
@@ -277,6 +303,9 @@ BOOL become_guest(void)
current_user.conn = NULL;
current_user.key.vuid = UID_FIELD_INVALID;
+ current_user.ngroups = 0;
+ safe_free(current_user.groups);
+ current_user.groups = NULL;
return (ret);
}
@@ -300,10 +329,17 @@ void become_root(BOOL save_dir)
if (become_root_depth == 0)
{
+ DEBUG(10, ("become_root_depth zero: saving %d %d %d %p\n",
+ current_user.uid,
+ current_user.gid,
+ current_user.ngroups, current_user.groups));
current_user_saved = current_user;
}
become_root_depth++;
+ DEBUG(10, ("become_root: %d %d\n",
+ current_user_saved.uid, current_user_saved.gid));
+
become_uid(0);
become_gid(0);
}
@@ -315,9 +351,20 @@ Set save_dir if you also need to save/restore the CWD
****************************************************************************/
void unbecome_root(BOOL restore_dir)
{
- DEBUG(10,("unbecome_root: %d %d\n",
- current_user_saved.uid,
- current_user_saved.gid));
+ int i;
+
+ DEBUG(10, ("unbecome_root: %d %d %d %p\n",
+ current_user_saved.uid,
+ current_user_saved.gid,
+ current_user_saved.ngroups, current_user_saved.groups));
+
+ for (i = 0; i < current_user_saved.ngroups; i++)
+ {
+ DEBUG(10,
+ ("%s%d", (i ? ", " : ""),
+ (int)current_user_saved.groups[i]));
+ }
+ DEBUG(10, ("\n"));
if (become_root_depth <= 0)
{
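Review bot: The new dump loop reads `current_user_saved.groups[i]` before the `become_root_depth <= 0` check, so an unbecome_root() call without a matching become_root() walks whatever the saved struct last held. `current_user_saved = current_user` in become_root() is a plain struct copy, so the saved `groups` pointer is the same allocation that become_guest() now releases with `safe_free`; if become_guest() can run while root is held, this loop and the later `sys_setgroups` call would both read freed memory. Moving the loop below the depth check and guarding it with `current_user_saved.groups != NULL` is the minimal change, and duplicating the array when saving would remove the aliasing altogether. The rest of unbecome_root() lies outside this hunk.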
@@ -334,6 +381,7 @@ void unbecome_root(BOOL restore_dir)
become_root_depth));
return;
}
+
/* we might have done a become_user() while running as root,
if we have then become root again in order to become
non root! */
@@ -353,7 +401,7 @@ void unbecome_root(BOOL restore_dir)
if (current_user_saved.ngroups > 0)
{
if (sys_setgroups(current_user_saved.ngroups,
- current_user_saved.groups) < 0)
+ current_user_saved.groups) < 0)
DEBUG(0, ("ERROR: sys_setgroups call failed!\n"));
}
#endif
diff --git a/source/lib/util_hnd.c b/source/lib/util_hnd.c
index 1c140dadf82..13f81991f8c 100644
--- a/source/lib/util_hnd.c
+++ b/source/lib/util_hnd.c
@@ -28,16 +28,6 @@
extern int DEBUGLEVEL;
-#ifndef MAX_OPEN_POLS
-#define MAX_OPEN_POLS 64
-#endif
-
-#define POL_NO_INFO 0
-#define POL_REG_INFO 1
-#define POL_SAMR_INFO 2
-#define POL_CLI_INFO 3
-#define POL_SVC_INFO 4
-
struct policy
{
@@ -51,7 +41,7 @@ struct policy
char *name;
int type;
- void (*free_fn)(void*);
+ void (*free_fn) (void *);
void *dev;
};
@@ -74,10 +64,11 @@ struct policy_cache *get_global_hnd_cache(void)
****************************************************************************/
static void create_pol_hnd(POLICY_HND *hnd)
{
- static uint32 pol_hnd_low = 0;
+ static uint32 pol_hnd_low = 0;
NTTIME ntt;
- if (hnd == NULL) return;
+ if (hnd == NULL)
+ return;
ZERO_STRUCTP(hnd);
@@ -89,8 +80,8 @@ static void create_pol_hnd(POLICY_HND *hnd)
hnd->uuid.time_low = ntt.low;
hnd->uuid.time_mid = (ntt.high & 0xffff);
hnd->uuid.time_hi_and_version = ((ntt.high >> 16) & 0xffff);
- SIVAL(hnd->uuid.remaining, 0, getpid());
- SIVAL(hnd->uuid.remaining, 4, pol_hnd_low);
+ SIVAL(hnd->uuid.remaining, 0, getpid());
+ SIVAL(hnd->uuid.remaining, 4, pol_hnd_low);
}
/****************************************************************************
@@ -119,20 +110,36 @@ void free_policy_cache(struct policy_cache *cache)
find policy by handle
****************************************************************************/
static struct policy *find_policy(struct policy_cache *cache,
- const POLICY_HND *hnd)
+ const POLICY_HND *hnd)
{
struct policy *p;
- for (p=cache->Policy;p;p=p->next) {
- if (memcmp(&p->pol_hnd, hnd, sizeof(*hnd)) == 0) {
- DEBUG(4,("Found policy hnd[%x] ", p->pnum));
- dump_data(4, (const char *)hnd,
- sizeof(*hnd));
+ if (cache == NULL)
+ {
+ DEBUG(0, ("find_policy: NULL cache\n"));
+ SMB_ASSERT(False);
+ }
+
+ if (hnd == NULL)
+ {
+ DEBUG(0, ("find_policy: NULL handle\n"));
+ SMB_ASSERT(False);
+ return NULL;
+ }
+
+ for (p = cache->Policy; p; p = p->next)
+ {
+ DEBUG(10, ("Compare policy hnd[%x] ", p->pnum));
+ dump_data(10, (const char *)hnd, sizeof(*hnd));
+ if (memcmp(&p->pol_hnd, hnd, sizeof(*hnd)) == 0)
+ {
+ DEBUG(4, ("Found policy hnd[%x] ", p->pnum));
+ dump_data(4, (const char *)hnd, sizeof(*hnd));
return p;
}
}
- DEBUG(4,("cache->Policy not found: "));
+ DEBUG(4, ("cache->Policy not found: "));
dump_data(4, (const char *)hnd, sizeof(*hnd));
return NULL;
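Review bot: The `cache == NULL` branch has no `return NULL;` after `SMB_ASSERT(False)`, unlike the `hnd == NULL` branch just below it, so if the assert does not terminate the process the loop goes on to dereference `cache->Policy`. Adding `return NULL;` there makes the two guards consistent. The new level-10 trace inside the loop dumps `hnd`, the handle being searched for, on every iteration, so it prints the same bytes each time; `dump_data(10, (const char *)&p->pol_hnd, sizeof(p->pol_hnd));` is probably what was intended.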
@@ -198,8 +205,7 @@ const char *policy_hnd_get_name(struct policy_cache *cache,
return "(invalid POLICY_HND)";
}
name = pol_get_name(p);
- DEBUG(4, ("policy(pnum=%x %s): getting name\n",
- p->pnum, name));
+ DEBUG(4, ("policy(pnum=%x %s): getting name\n", p->pnum, name));
return name;
}
@@ -208,8 +214,7 @@ const char *policy_hnd_get_name(struct policy_cache *cache,
find first available policy slot. copies a policy handle for you.
****************************************************************************/
BOOL dup_policy_hnd(struct policy_cache *cache,
- POLICY_HND *hnd,
- const POLICY_HND *from)
+ POLICY_HND *hnd, const POLICY_HND *from)
{
struct policy *p = find_policy(cache, from);
@@ -217,7 +222,7 @@ BOOL dup_policy_hnd(struct policy_cache *cache,
{
return False;
}
- DEBUG(3,("Duplicating policy state pnum=%x\n", p->pnum));
+ DEBUG(3, ("Duplicating policy state pnum=%x\n", p->pnum));
return register_policy_hnd(cache, &p->key, hnd, p->access_mask);
}
@@ -225,9 +230,8 @@ BOOL dup_policy_hnd(struct policy_cache *cache,
find first available policy slot. creates a policy handle for you.
****************************************************************************/
BOOL register_policy_hnd(struct policy_cache *cache,
- const vuser_key *key,
- POLICY_HND *hnd,
- uint32 access_mask)
+ const vuser_key * key,
+ POLICY_HND *hnd, uint32 access_mask)
{
struct policy *p;
static int count = 1;
@@ -235,13 +239,13 @@ BOOL register_policy_hnd(struct policy_cache *cache,
p = (struct policy *)malloc(sizeof(*p));
if (!p)
{
- DEBUG(0,("ERROR: out of memory!\n"));
+ DEBUG(0, ("ERROR: out of memory!\n"));
return False;
}
ZERO_STRUCTP(p);
- p->open = True;
+ p->open = True;
p->pnum = count++;
p->access_mask = access_mask;
if (key != NULL)
@@ -256,10 +260,10 @@ BOOL register_policy_hnd(struct policy_cache *cache,
DLIST_ADD(cache->Policy, p);
-
- DEBUG(4,("Opened policy hnd[%x] ", p->pnum));
- DEBUG(10,("register_policy_hnd: vuser [%d, %x]\n",
- p->key.pid, p->key.vuid));
+
+ DEBUG(4, ("Opened policy hnd[%x] ", p->pnum));
+ DEBUG(10, ("register_policy_hnd: vuser [%d, %x]\n",
+ p->key.pid, p->key.vuid));
memcpy(&p->pol_hnd, hnd, sizeof(*hnd));
dump_data(4, (char *)hnd, sizeof(*hnd));
@@ -270,10 +274,9 @@ BOOL register_policy_hnd(struct policy_cache *cache,
/****************************************************************************
find first available policy slot. creates a policy handle for you.
****************************************************************************/
-BOOL open_policy_hnd(struct policy_cache *cache,
- const vuser_key *key,
- POLICY_HND *hnd,
- uint32 access_mask)
+BOOL open_policy_hnd(struct policy_cache *cache,
+ const vuser_key * key,
+ POLICY_HND *hnd, uint32 access_mask)
{
create_pol_hnd(hnd);
return register_policy_hnd(cache, key, hnd, access_mask);
@@ -282,10 +285,9 @@ BOOL open_policy_hnd(struct policy_cache *cache,
/****************************************************************************
find first available policy slot. creates a policy handle for you.
****************************************************************************/
-BOOL open_policy_hnd_link(struct policy_cache *cache,
- const POLICY_HND *parent_hnd,
- POLICY_HND *hnd,
- uint32 access_mask)
+BOOL open_policy_hnd_link(struct policy_cache *cache,
+ const POLICY_HND *parent_hnd,
+ POLICY_HND *hnd, uint32 access_mask)
{
const vuser_key *key = get_policy_vuser_key(cache, parent_hnd);
if (key == NULL)
@@ -303,15 +305,15 @@ int find_policy_by_hnd(struct policy_cache *cache, const POLICY_HND *hnd)
{
struct policy *p = find_policy(cache, hnd);
- return p?p->pnum:-1;
+ return p ? p->pnum : -1;
}
/****************************************************************************
set pol state.
****************************************************************************/
-BOOL set_policy_state(struct policy_cache *cache, POLICY_HND *hnd,
- void(*fn)(void*), void *dev)
+BOOL set_policy_state(struct policy_cache *cache, POLICY_HND *hnd,
+ void (*fn) (void *), void *dev)
{
struct policy *p = find_policy(cache, hnd);
@@ -323,9 +325,9 @@ BOOL set_policy_state(struct policy_cache *cache, POLICY_HND *hnd,
p->dev = dev;
p->free_fn = fn;
return True;
- }
+ }
- DEBUG(3,("Error setting policy state\n"));
+ DEBUG(3, ("Error setting policy state\n"));
return False;
}
@@ -344,7 +346,7 @@ void *get_policy_state_info(struct policy_cache *cache, const POLICY_HND *hnd)
return p->dev;
}
- DEBUG(3,("Error getting policy state\n"));
+ DEBUG(3, ("Error getting policy state\n"));
return NULL;
}
@@ -401,7 +403,7 @@ BOOL policy_hnd_check_state_type(struct policy_cache *cache,
return False;
}
- ret = (p->type==type);
+ ret = (p->type == type);
if (ret)
{
@@ -426,7 +428,7 @@ BOOL close_policy_hnd(struct policy_cache *cache, POLICY_HND *hnd)
if (!p)
{
- DEBUG(3,("Error closing policy\n"));
+ DEBUG(3, ("Error closing policy\n"));
return False;
}
@@ -434,6 +436,8 @@ BOOL close_policy_hnd(struct policy_cache *cache, POLICY_HND *hnd)
DLIST_REMOVE(cache->Policy, p);
+ ZERO_STRUCTP(hnd);
+
if (p->free_fn != NULL)
{
p->free_fn(p->dev);
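Review bot: The move of `ZERO_STRUCTP(hnd)` ahead of the `free_fn` and `free(p)` sequence is not explained, and the ordering now matters to anyone who edits this function later. If the reason is that a caller may pass a `hnd` that points into the policy entry itself, which would have made the old post-`free(p)` clear a write to freed memory, a comment such as `/* clear the caller's handle before p is released: hnd may point into p */` would stop it being moved back. That aliasing is inferred from the reordering and is not visible in this hunk. close_policy_hnd() begins and ends outside the hunk.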
@@ -444,10 +448,9 @@ BOOL close_policy_hnd(struct policy_cache *cache, POLICY_HND *hnd)
}
safe_free(p->name);
-
free(p);
- ZERO_STRUCTP(hnd);
+ DEBUG(10, ("policy closed\n"));
return True;
}
@@ -456,20 +459,20 @@ BOOL close_policy_hnd(struct policy_cache *cache, POLICY_HND *hnd)
get pol state.
****************************************************************************/
BOOL policy_link_key(struct policy_cache *cache, const POLICY_HND *hnd,
- POLICY_HND *to)
+ POLICY_HND *to)
{
struct policy *p = find_policy(cache, hnd);
struct policy *pto = find_policy(cache, to);
if (p != NULL && p->open && pto != NULL && pto->open)
{
- DEBUG(3,("Linking policy key pnum=%x pid=%d vuid=%x\n",
- p->key.pid, p->key.vuid, p->pnum));
+ DEBUG(3, ("Linking policy key pnum=%x pid=%d vuid=%x\n",
+ p->key.pid, p->key.vuid, p->pnum));
pto->key = p->key;
return True;
}
- DEBUG(3,("Error getting policy link states\n"));
+ DEBUG(3, ("Error getting policy link states\n"));
return False;
}
@@ -477,18 +480,18 @@ BOOL policy_link_key(struct policy_cache *cache, const POLICY_HND *hnd,
get pol state.
****************************************************************************/
const vuser_key *get_policy_vuser_key(struct policy_cache *cache,
- const POLICY_HND *hnd)
+ const POLICY_HND *hnd)
{
struct policy *p = find_policy(cache, hnd);
if (p != NULL && p->open)
{
- DEBUG(3,("Getting policy vuser_key pnum=%x pid=%d vuid=%x\n",
- p->pnum, p->key.pid, p->key.vuid));
+ DEBUG(3, ("Getting policy vuser_key pnum=%x pid=%d vuid=%x\n",
+ p->pnum, p->key.pid, p->key.vuid));
return &p->key;
}
- DEBUG(3,("Error getting policy state\n"));
+ DEBUG(3, ("Error getting policy state\n"));
return NULL;
}
@@ -496,7 +499,7 @@ const vuser_key *get_policy_vuser_key(struct policy_cache *cache,
get user session key.
****************************************************************************/
BOOL pol_get_usr_sesskey(struct policy_cache *cache, const POLICY_HND *hnd,
- uchar usr_sess_key[16])
+ uchar usr_sess_key[16])
{
const vuser_key *key = get_policy_vuser_key(cache, hnd);
user_struct *vuser;
@@ -509,11 +512,10 @@ BOOL pol_get_usr_sesskey(struct policy_cache *cache, const POLICY_HND *hnd,
vuser = get_valid_user_struct(key);
if (vuser == NULL)
{
- DEBUG(10,("pol_get_usr_sesskey: no vuser struct\n"));
+ DEBUG(10, ("pol_get_usr_sesskey: no vuser struct\n"));
return False;
}
memcpy(usr_sess_key, vuser->usr.user_sess_key, 16);
vuid_free_user_struct(vuser);
return True;
}
-
diff --git a/source/lsarpcd/lsarpcd.c b/source/lsarpcd/lsarpcd.c
index f3645aae97e..377e76caa6b 100644
--- a/source/lsarpcd/lsarpcd.c
+++ b/source/lsarpcd/lsarpcd.c
@@ -120,18 +120,16 @@ static void update_trust_account(void)
}
if (s2 == NT_STATUS_NOPROBLEMO)
{
- int len;
- if (!secret_get_data(&secret, old_trust, &len) || len != 16)
+ if (secret_to_nt_owf(old_trust, &secret))
{
- s2 = NT_STATUS_ACCESS_DENIED;
+ dump_data_pw("$MACHINE.ACC-hashed:", old_trust, 16);
}
else
{
- dump_data_pw("$MACHINE.ACC:", old_trust, 16);
+ DEBUG(0,("old secret to OWF: failed\n"));
}
}
-
cur_time = time(NULL);
sec_time = nt_time_to_unix(&ntlct);
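Review bot: When `secret_to_nt_owf()` fails, the new `else` branch only logs, whereas the removed code set `s2 = NT_STATUS_ACCESS_DENIED`; `s2` therefore still reports success while `old_trust` may be unset or only partly written. Later context in this function passes `old_trust` to `modify_trust_password()`, so a failed conversion could presumably feed an indeterminate old hash into a trust password change. Restoring `s2 = NT_STATUS_ACCESS_DENIED;` in the `else` branch keeps the failure visible to the code that follows. The success branch also writes the machine-account NT hash to the log through `dump_data_pw`; that value is password-equivalent, so it is worth confirming the helper only emits at a high debug level. update_trust_account() extends beyond this hunk.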
@@ -168,7 +166,6 @@ static void update_trust_account(void)
if (!strequal("\\\\.", srv_name))
{
-
res2 = res2 ?
modify_trust_password(global_myworkgroup,
srv_name, old_trust,
@@ -194,6 +191,7 @@ static void update_trust_account(void)
{
_lsa_close(&lsa_pol);
}
+ DEBUG(10,("update_trust_account: %d\n", __LINE__));
}
/****************************************************************************
diff --git a/source/msrpc/msrpcd.c b/source/msrpc/msrpcd.c
index fc7bdb54f8f..50f2d3a388c 100644
--- a/source/msrpc/msrpcd.c
+++ b/source/msrpc/msrpcd.c
@@ -553,6 +553,9 @@ static void usage(char *pname)
fn->reload_services(True);
msrpcd_process(fn, p.l, p.name);
}
+
+ DEBUG(10,("msrpc close: %d\n", __LINE__));
+
if (ClientMSRPC != -1)
{
close(ClientMSRPC);
diff --git a/source/msrpc/msrpcd_process.c b/source/msrpc/msrpcd_process.c
index 93776aa1777..8cd099a6a01 100644
--- a/source/msrpc/msrpcd_process.c
+++ b/source/msrpc/msrpcd_process.c
@@ -454,11 +454,11 @@ void msrpcd_process(msrpc_service_fns * fn, rpcsrv_struct * l,
strerror(errno)));
}
+ unbecome_to_initial_uid();
+
if (fn->idle != NULL)
{
- become_root(False);
fn->idle();
- unbecome_root(False);
}
return;
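Review bot: The result of the added `unbecome_to_initial_uid()` is discarded, and `fn->idle()` now runs under whatever identity that call leaves in place, where before it ran inside an explicit `become_root(False)` / `unbecome_root(False)` bracket. The set_uid.c part of this commit shows the function returning False early when `current_user.conn` is NULL, so from here it is not possible to tell which credentials the idle handler receives. Check the return value and record the intended identity in a comment, for example `/* idle handlers run as the initial uid, not as the last client */` if that is the intent. msrpcd_process() starts outside this hunk.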
diff --git a/source/rpc_client/msrpc_lsarpc.c b/source/rpc_client/msrpc_lsarpc.c
index 90219e56bc0..efe00c3e12f 100644
--- a/source/rpc_client/msrpc_lsarpc.c
+++ b/source/rpc_client/msrpc_lsarpc.c
@@ -328,6 +328,10 @@ BOOL secret_get_data(const STRING2 * secret, uchar * data, uint32 * len)
{
return False;
}
+ if ((*len) > 1024)
+ {
+ DEBUG(0,("secret_get_data: length too long!\n"));
+ }
memcpy(data, secret->buffer + 8, *len);
return True;
}
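Review bot: The added `(*len) > 1024` check only logs; the `memcpy(data, secret->buffer + 8, *len)` on the next line still runs with the oversized length. Add `return False;` after the `DEBUG` so that the copy is refused. The limit is also a bare constant: it should be tied to the size of the caller's `data` buffer (secret_to_nt_owf() declares a `pstring data`, presumably the one passed here), and `*len + 8` should be checked against the amount of data actually held in `secret->buffer` unless the checks above this hunk already do so.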
@@ -338,7 +342,7 @@ obtains a trust account password
BOOL secret_to_nt_owf(uchar trust_passwd[16], const STRING2 * secret)
{
UNISTR2 uni_pwd;
- uint32 len;
+ uint32 len = 0;
pstring data;
int i;
diff --git a/source/samrd/srv_samr_sam_tdb.c b/source/samrd/srv_samr_sam_tdb.c
index fe3c5d180b0..873f10524a2 100644
--- a/source/samrd/srv_samr_sam_tdb.c
+++ b/source/samrd/srv_samr_sam_tdb.c
@@ -250,7 +250,6 @@ uint32 _samr_close(POLICY_HND *hnd)
/* close the policy handle */
if (close_policy_hnd(get_global_hnd_cache(), hnd))
{
- ZERO_STRUCTP(hnd);
return NT_STATUS_NOPROBLEMO;
}
return NT_STATUS_OBJECT_NAME_INVALID;