[Freeipa-devel] [PATCH] 34-35 ipasam fixes

Sumit Bose sbose at redhat.com
Wed Jul 4 19:10:17 UTC 2012 

Hi,

the following two patches contain fixes for ipa_sam.c. The first fixes
several issues which were found by clang and the second removes some
testing stuff I forgot to change.

bye,
Sumit
-------------- next part --------------
From 116631a3fd2a50e3c2b5a44ed4cff44fe4f0ab99 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose at redhat.com>
Date: Wed, 4 Jul 2012 16:18:21 +0200
Subject: [PATCH] ipasam: fixes for clang warnings

---
 daemons/ipa-sam/ipa_sam.c |   48 +++++++++++++++++++--------------------------
 1 Datei ge?ndert, 20 Zeilen hinzugef?gt(+), 28 Zeilen entfernt(-)

diff --git a/daemons/ipa-sam/ipa_sam.c b/daemons/ipa-sam/ipa_sam.c
index 63f2506a3acdbb739a7cb227bfb6f0ffa723a0ab..d102b4f0c163c4ae084804f9df672cce568af842 100644
--- a/daemons/ipa-sam/ipa_sam.c
+++ b/daemons/ipa-sam/ipa_sam.c
@@ -100,19 +100,6 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid
 char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s); /* available in libsmbconf.so */
 extern const struct dom_sid global_sid_Builtin; /* available in libsecurity.so */
 bool secrets_store(const char *key, const void *data, size_t size); /* available in libpdb.so */
-/* from smb_macros.h */
-#define SMB_REALLOC_ARRAY(p,type,count) (type *)realloc_array((p),sizeof(type),(count),true) /* Always frees p on error or s == 0 */
-#define ADD_TO_ARRAY(mem_ctx, type, elem, array, num) \
-do { \
-	*(array) = ((mem_ctx) != NULL) ? \
-		talloc_realloc(mem_ctx, (*(array)), type, (*(num))+1) : \
-		SMB_REALLOC_ARRAY((*(array)), type, (*(num))+1); \
-	SMB_ASSERT((*(array)) != NULL); \
-	(*(array))[*(num)] = (elem); \
-	(*(num)) += 1; \
-} while (0)
-
-
 #define LDAP_SUFFIX "dc=ipa,dc=devel" /* FIXME !!! */
 #define LDAP_PAGE_SIZE 1024
 #define LDAP_OBJ_SAMBASAMACCOUNT "ipaNTUserAttrs"
@@ -1216,8 +1203,6 @@ static bool ldapsam_search_grouptype(struct pdb_methods *methods,
 		return false;
 	}
 
-	state->connection = ldap_state->smbldap_state;
-
 	state->base = talloc_strdup(search, LDAP_SUFFIX);
 	state->connection = ldap_state->smbldap_state;
 	state->scope = LDAP_SCOPE_SUBTREE;
@@ -1402,7 +1387,9 @@ static int set_cross_realm_pw(struct ldapsam_privates *ldap_state,
 		goto done;
 	}
 
-	ret = create_keys(krbctx, service_princ, discard_const(pwd), NULL, &keys, &err_msg);
+	ret = create_keys(krbctx, service_princ, discard_const(pwd), NULL,
+                          &keys, &err_msg);
+	krb5_free_principal(krbctx, service_princ);
 	if (!ret) {
 		if (err_msg != NULL) {
 			DEBUG(1, ("create_keys returned [%s]\n", err_msg));
@@ -1437,7 +1424,6 @@ done:
 	    ber_bvfree(reqdata);
 	}
 	free_keys_contents(krbctx, &keys);
-	krb5_free_principal(krbctx, service_princ);
 	krb5_free_context(krbctx);
 
 	return ret;
@@ -2245,6 +2231,7 @@ static NTSTATUS ipasam_enum_trusted_domains(struct pdb_methods *methods,
 	int scope = LDAP_SCOPE_SUBTREE;
 	LDAPMessage *result = NULL;
 	LDAPMessage *entry = NULL;
+	struct pdb_trusted_domain **tmp;
 
 	filter = talloc_asprintf(mem_ctx, "(objectClass=%s)",
 				 LDAP_OBJ_TRUSTED_DOMAIN);
@@ -2285,16 +2272,20 @@ static NTSTATUS ipasam_enum_trusted_domains(struct pdb_methods *methods,
 
 		if (!fill_pdb_trusted_domain(*domains, ldap_state, entry,
 					     &dom_info)) {
+			talloc_free(*domains);
 			return NT_STATUS_UNSUCCESSFUL;
 		}
 
-		ADD_TO_ARRAY(*domains, struct pdb_trusted_domain *, dom_info,
-			     domains, num_domains);
-
-		if (*domains == NULL) {
-			DEBUG(1, ("talloc failed\n"));
+		tmp = talloc_realloc(*domains, *domains,
+		                     struct pdb_trusted_domain *,
+		                     (*(num_domains))+1);
+		if (tmp == NULL) {
+			talloc_free(*domains);
 			return NT_STATUS_NO_MEMORY;
 		}
+		*domains = tmp;
+		(*(domains))[*(num_domains)] = dom_info;
+		(*(num_domains)) += 1;
 	}
 
 	DEBUG(5, ("ipasam_enum_trusted_domains: got %d domains\n", *num_domains));
@@ -2699,14 +2690,15 @@ static bool ipasam_get_trusteddom_pw(struct pdb_methods *methods,
 		goto done;
 	}
 
+	status = get_trust_pwd(tmp_ctx, &td->trust_auth_incoming,
+			       &trustpw, &last_update);
+	if (!NT_STATUS_IS_OK(status)) {
+		ret = false;
+		goto done;
+	}
+
 	/* trusteddom_pw routines do not use talloc yet... */
 	if (pwd != NULL) {
-		status = get_trust_pwd(tmp_ctx, &td->trust_auth_incoming,
-				       &trustpw, &last_update);
-		if (!NT_STATUS_IS_OK(status)) {
-			ret = false;
-			goto done;
-		}
 		*pwd = strdup(trustpw);
 		memset(trustpw, 0, strlen(trustpw));
 		talloc_free(trustpw);
-- 
1.7.10.2

-------------- next part --------------
From 3656f29bf55918b0070bcb42e64eee7d0e7ba6bf Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose at redhat.com>
Date: Wed, 4 Jul 2012 16:19:03 +0200
Subject: [PATCH] ipasam: replace testing code

---
 daemons/ipa-sam/ipa_sam.c |   10 +++++-----
 1 Datei ge?ndert, 5 Zeilen hinzugef?gt(+), 5 Zeilen entfernt(-)

diff --git a/daemons/ipa-sam/ipa_sam.c b/daemons/ipa-sam/ipa_sam.c
index d102b4f0c163c4ae084804f9df672cce568af842..9e553551514da0e07babf8a06e59c17cba51ebaf 100644
--- a/daemons/ipa-sam/ipa_sam.c
+++ b/daemons/ipa-sam/ipa_sam.c
@@ -100,7 +100,7 @@ bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid
 char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s); /* available in libsmbconf.so */
 extern const struct dom_sid global_sid_Builtin; /* available in libsecurity.so */
 bool secrets_store(const char *key, const void *data, size_t size); /* available in libpdb.so */
-#define LDAP_SUFFIX "dc=ipa,dc=devel" /* FIXME !!! */
+
 #define LDAP_PAGE_SIZE 1024
 #define LDAP_OBJ_SAMBASAMACCOUNT "ipaNTUserAttrs"
 #define LDAP_OBJ_TRUSTED_DOMAIN "ipaNTTrustedDomain"
@@ -1044,12 +1044,12 @@ static bool ldapsam_search_users(struct pdb_methods *methods,
 	state->connection = ldap_state->smbldap_state;
 
 	if ((acct_flags != 0) && ((acct_flags & ACB_NORMAL) != 0))
-		state->base = LDAP_SUFFIX;
+		state->base = ldap_state->ipasam_privates->base_dn;
 	else if ((acct_flags != 0) &&
 		 ((acct_flags & (ACB_WSTRUST|ACB_SVRTRUST|ACB_DOMTRUST)) != 0))
-		state->base = LDAP_SUFFIX;
+		state->base = ldap_state->ipasam_privates->base_dn;
 	else
-		state->base = LDAP_SUFFIX;
+		state->base = ldap_state->ipasam_privates->base_dn;
 
 	state->acct_flags = acct_flags;
 	state->base = talloc_strdup(search, state->base);
@@ -1203,7 +1203,7 @@ static bool ldapsam_search_grouptype(struct pdb_methods *methods,
 		return false;
 	}
 
-	state->base = talloc_strdup(search, LDAP_SUFFIX);
+	state->base = talloc_strdup(search, ldap_state->ipasam_privates->base_dn);
 	state->connection = ldap_state->smbldap_state;
 	state->scope = LDAP_SCOPE_SUBTREE;
 	state->filter =	talloc_asprintf(search, "(&(objectclass=%s)"
-- 
1.7.10.2

More information about the Freeipa-devel mailing list