From 43717a16e2fca8b196d4a89e33b05fefc0cb02d2 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Fri, 11 Jan 2008 23:53:27 -0800
Subject: Fix CID 476. Ensure a valid pac_data pointer is always passed to
 ads_verify_ticket as it's always derefed. Jeremy. (This used to be commit
 0599d57efff0f417f75510e8b08c3cb7b4bcfcd8)

---
 source3/utils/ntlm_auth.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'source3/utils')

diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 7e2771c900..6a702fc0cf 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -1163,6 +1163,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
 			char *principal;
 			DATA_BLOB ap_rep;
 			DATA_BLOB session_key;
+			PAC_DATA *pac_data = NULL;
 
 			if ( request.negTokenInit.mechToken.data == NULL ) {
 				DEBUG(1, ("Client did not provide Kerberos data\n"));
@@ -1177,7 +1178,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
 
 			status = ads_verify_ticket(mem_ctx, lp_realm(), 0,
 						   &request.negTokenInit.mechToken,
-						   &principal, NULL, &ap_rep,
+						   &principal, &pac_data, &ap_rep,
 						   &session_key, True);
 
 			talloc_destroy(mem_ctx);
-- 
cgit