1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

Fix CID 476. Ensure a valid pac_data pointer is always passed to

ads_verify_ticket as it's always derefed.
Jeremy.
This commit is contained in:
Jeremy Allison 2008-01-11 23:53:27 -08:00
parent 1b7cc80c61
commit 0599d57eff
3 changed files with 4 additions and 5 deletions

View File

@ -501,8 +501,7 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
DEBUG(3,("ads_verify_ticket: did not retrieve auth data. continuing without PAC\n"));
}
if (got_auth_data && pac_data != NULL) {
if (got_auth_data) {
pac_ret = decode_pac_data(mem_ctx, &auth_data, context, keyblock, client_principal, authtime, pac_data);
if (!NT_STATUS_IS_OK(pac_ret)) {
DEBUG(3,("ads_verify_ticket: failed to decode PAC_DATA: %s\n", nt_errstr(pac_ret)));

View File

@ -259,7 +259,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
fstring user;
int sess_vuid = req->vuid;
NTSTATUS ret = NT_STATUS_OK;
PAC_DATA *pac_data;
PAC_DATA *pac_data = NULL;
DATA_BLOB ap_rep, ap_rep_wrapped, response;
auth_serversupplied_info *server_info = NULL;
DATA_BLOB session_key = data_blob_null;
@ -271,7 +271,6 @@ static void reply_spnego_kerberos(struct smb_request *req,
PAC_LOGON_INFO *logon_info = NULL;
ZERO_STRUCT(ticket);
ZERO_STRUCT(pac_data);
ZERO_STRUCT(ap_rep);
ZERO_STRUCT(ap_rep_wrapped);
ZERO_STRUCT(response);

View File

@ -1163,6 +1163,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
char *principal;
DATA_BLOB ap_rep;
DATA_BLOB session_key;
PAC_DATA *pac_data = NULL;
if ( request.negTokenInit.mechToken.data == NULL ) {
DEBUG(1, ("Client did not provide Kerberos data\n"));
@ -1177,7 +1178,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
status = ads_verify_ticket(mem_ctx, lp_realm(), 0,
&request.negTokenInit.mechToken,
&principal, NULL, &ap_rep,
&principal, &pac_data, &ap_rep,
&session_key, True);
talloc_destroy(mem_ctx);