summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-01-07 00:06:45 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-01-07 00:06:45 +0000
commit0026f778bb6f8e3e0f84a907c8f3e337f4f43533 (patch)
treefcfb21380c3a9fc0ea1ff902ccad44db7809f154
parent24cf387139aea9c4ba884eda6c3eb3597d5c12d2 (diff)
downloadsamba-0026f778bb6f8e3e0f84a907c8f3e337f4f43533.tar.gz
samba-0026f778bb6f8e3e0f84a907c8f3e337f4f43533.tar.bz2
samba-0026f778bb6f8e3e0f84a907c8f3e337f4f43533.zip
(merge from 3.0)
Fix segfualt caused by incorrect configuration. If lp_realm() was not set, but security=ADS, we would attempt to free the principal name that krb5 never allocated. Also fix the dump_data() of the session key, now that we use a data_blob to store that. Andrew Bartlett (This used to be commit 24d7eed6cae8015e020ad34c13130ee8afc9052e)
-rw-r--r--source3/libads/kerberos_verify.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index b0efb8f598..50e6971815 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -173,8 +173,11 @@ NTSTATUS ads_verify_ticket(const char *realm, const DATA_BLOB *ticket,
krb5_rcache rcache = NULL;
int ret, i;
krb5_keyblock *key = NULL;
+
krb5_principal host_princ;
char *host_princ_s = NULL;
+ BOOL free_host_princ = False;
+
fstring myname;
char *password_s = NULL;
krb5_data password;
@@ -239,6 +242,8 @@ NTSTATUS ads_verify_ticket(const char *realm, const DATA_BLOB *ticket,
goto out;
}
+ free_host_princ = True;
+
/*
* JRA. We must set the rcache here. This will prevent replay attacks.
*/
@@ -339,10 +344,7 @@ NTSTATUS ads_verify_ticket(const char *realm, const DATA_BLOB *ticket,
free(packet.data);
get_krb5_smb_session_key(context, auth_context, session_key, True);
-#ifdef DEBUG_PASSWORD
- DEBUG(10,("SMB session key (from ticket) follows:\n"));
- dump_data(10, session_key, 16);
-#endif
+ dump_data_pw("SMB session key (from ticket)\n", session_key->data, session_key->length);
#if 0
file_save("/tmp/ticket.dat", ticket->data, ticket->length);
@@ -386,7 +388,9 @@ NTSTATUS ads_verify_ticket(const char *realm, const DATA_BLOB *ticket,
if (!NT_STATUS_IS_OK(sret))
data_blob_free(ap_rep);
- krb5_free_principal(context, host_princ);
+ if (free_host_princ)
+ krb5_free_principal(context, host_princ);
+
if (tkt != NULL)
krb5_free_ticket(context, tkt);
free_kerberos_etypes(context, enctypes);