mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
Fix CID 476. Ensure a valid pac_data pointer is always passed to
ads_verify_ticket as it's always derefed. Jeremy.
This commit is contained in:
parent
1b7cc80c61
commit
0599d57eff
@ -501,8 +501,7 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
|
||||
DEBUG(3,("ads_verify_ticket: did not retrieve auth data. continuing without PAC\n"));
|
||||
}
|
||||
|
||||
if (got_auth_data && pac_data != NULL) {
|
||||
|
||||
if (got_auth_data) {
|
||||
pac_ret = decode_pac_data(mem_ctx, &auth_data, context, keyblock, client_principal, authtime, pac_data);
|
||||
if (!NT_STATUS_IS_OK(pac_ret)) {
|
||||
DEBUG(3,("ads_verify_ticket: failed to decode PAC_DATA: %s\n", nt_errstr(pac_ret)));
|
||||
|
@ -259,7 +259,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
|
||||
fstring user;
|
||||
int sess_vuid = req->vuid;
|
||||
NTSTATUS ret = NT_STATUS_OK;
|
||||
PAC_DATA *pac_data;
|
||||
PAC_DATA *pac_data = NULL;
|
||||
DATA_BLOB ap_rep, ap_rep_wrapped, response;
|
||||
auth_serversupplied_info *server_info = NULL;
|
||||
DATA_BLOB session_key = data_blob_null;
|
||||
@ -271,7 +271,6 @@ static void reply_spnego_kerberos(struct smb_request *req,
|
||||
PAC_LOGON_INFO *logon_info = NULL;
|
||||
|
||||
ZERO_STRUCT(ticket);
|
||||
ZERO_STRUCT(pac_data);
|
||||
ZERO_STRUCT(ap_rep);
|
||||
ZERO_STRUCT(ap_rep_wrapped);
|
||||
ZERO_STRUCT(response);
|
||||
|
@ -1163,6 +1163,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
|
||||
char *principal;
|
||||
DATA_BLOB ap_rep;
|
||||
DATA_BLOB session_key;
|
||||
PAC_DATA *pac_data = NULL;
|
||||
|
||||
if ( request.negTokenInit.mechToken.data == NULL ) {
|
||||
DEBUG(1, ("Client did not provide Kerberos data\n"));
|
||||
@ -1177,7 +1178,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode,
|
||||
|
||||
status = ads_verify_ticket(mem_ctx, lp_realm(), 0,
|
||||
&request.negTokenInit.mechToken,
|
||||
&principal, NULL, &ap_rep,
|
||||
&principal, &pac_data, &ap_rep,
|
||||
&session_key, True);
|
||||
|
||||
talloc_destroy(mem_ctx);
|
||||
|
Loading…
Reference in New Issue
Block a user