diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2023-05-16 11:18:38 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2023-05-18 01:03:37 +0000 |
commit | 8cc0b76509b51bb57c2c527ea504812f8de06144 (patch) | |
tree | 957679d85c4df91ec5c65c0d890a89bfb7f9443f | |
parent | 9ff7d6c5c55ff562afbda7b4329c59c83d2933cf (diff) | |
download | samba-8cc0b76509b51bb57c2c527ea504812f8de06144.tar.gz |
s4:auth: Add function to make a shallow copy of an auth_user_info_dc structure
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source4/auth/auth.h | 3 | ||||
-rw-r--r-- | source4/auth/sam.c | 68 |
2 files changed, 71 insertions, 0 deletions
diff --git a/source4/auth/auth.h b/source4/auth/auth.h index c03eba4ca67..d39b23eb072 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -127,6 +127,9 @@ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ NTSTATUS authsam_update_user_info_dc(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, struct auth_user_info_dc *user_info_dc); +NTSTATUS authsam_shallow_copy_user_info_dc(TALLOC_CTX *mem_ctx, + const struct auth_user_info_dc *user_info_dc_in, + struct auth_user_info_dc **user_info_dc_out); NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, struct loadparm_context *lp_ctx, struct auth_session_info **_session_info) ; diff --git a/source4/auth/sam.c b/source4/auth/sam.c index 508f68189b8..b66bfbff8ae 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -724,6 +724,74 @@ _PUBLIC_ NTSTATUS authsam_update_user_info_dc(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } +/* + * Make a shallow copy of a talloc-allocated user_info_dc structure, holding a + * reference to each of the original fields. + */ +NTSTATUS authsam_shallow_copy_user_info_dc(TALLOC_CTX *mem_ctx, + const struct auth_user_info_dc *user_info_dc_in, + struct auth_user_info_dc **user_info_dc_out) +{ + struct auth_user_info_dc *user_info_dc = NULL; + NTSTATUS status = NT_STATUS_OK; + + user_info_dc = talloc_zero(mem_ctx, struct auth_user_info_dc); + if (user_info_dc == NULL) { + status = NT_STATUS_NO_MEMORY; + goto out; + } + + *user_info_dc = *user_info_dc_in; + + if (user_info_dc->info != NULL) { + if (talloc_reference(user_info_dc, user_info_dc->info) == NULL) { + status = NT_STATUS_NO_MEMORY; + goto out; + } + } + + if (user_info_dc->user_session_key.data != NULL) { + if (talloc_reference(user_info_dc, user_info_dc->user_session_key.data) == NULL) { + status = NT_STATUS_NO_MEMORY; + goto out; + } + } + + if (user_info_dc->lm_session_key.data != NULL) { + if (talloc_reference(user_info_dc, user_info_dc->lm_session_key.data) == NULL) { + status = NT_STATUS_NO_MEMORY; + goto out; + } + } + + if (user_info_dc->sids != NULL) { + /* + * Because we want to modify the SIDs in the user_info_dc + * structure, adding various well-known SIDs such as Asserted + * Identity or Claims Valid, make a copy of the SID array to + * guard against modification of the original. + * + * It’s better not to make a reference, because anything that + * tries to call talloc_realloc() on the original or the copy + * will fail when called for any referenced talloc context. + */ + user_info_dc->sids = talloc_memdup(mem_ctx, + user_info_dc->sids, + talloc_get_size(user_info_dc->sids)); + if (user_info_dc->sids == NULL) { + status = NT_STATUS_NO_MEMORY; + goto out; + } + } + + *user_info_dc_out = user_info_dc; + user_info_dc = NULL; + +out: + talloc_free(user_info_dc); + return status; +} + NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, const char *principal, const char **attrs, |