CVE-2020-25717: s3-auth: fix MIT Realm regression
This looks like a regression introduced by the recent security fixes. This commit should hopefully fix it. As a quick solution it might be possible to use the username map script based on the example in https://bugzilla.samba.org/show_bug.cgi?id=14901#c0. We're not sure this behaves identically, but it might work in the standalone server case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14922 Reported-at: https://lists.samba.org/archive/samba/2021-November/238720.html Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Ralph Boehme <slow@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org>
parent
f621317e3b
commit
1e61de8306
@ -46,6 +46,7 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
|
|||||||
char *fuser = NULL;
|
char *fuser = NULL;
|
||||||
char *unixuser = NULL;
|
char *unixuser = NULL;
|
||||||
struct passwd *pw = NULL;
|
struct passwd *pw = NULL;
|
||||||
|
bool may_retry = false;
|
||||||
|
|
||||||
DEBUG(3, ("Kerberos ticket principal name is [%s]\n", princ_name));
|
DEBUG(3, ("Kerberos ticket principal name is [%s]\n", princ_name));
|
||||||
|
|
||||||
@ -71,6 +72,7 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
|
|||||||
domain = realm;
|
domain = realm;
|
||||||
} else {
|
} else {
|
||||||
domain = lp_workgroup();
|
domain = lp_workgroup();
|
||||||
|
may_retry = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
fuser = talloc_asprintf(mem_ctx,
|
fuser = talloc_asprintf(mem_ctx,
|
||||||
@ -89,6 +91,13 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
|
|||||||
*mapped_to_guest = false;
|
*mapped_to_guest = false;
|
||||||
|
|
||||||
pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true);
|
pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true);
|
||||||
|
if (may_retry && pw == NULL && !*is_mapped) {
|
||||||
|
fuser = talloc_strdup(mem_ctx, user);
|
||||||
|
if (!fuser) {
|
||||||
|
return NT_STATUS_NO_MEMORY;
|
||||||
|
}
|
||||||
|
pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true);
|
||||||
|
}
|
||||||
if (pw) {
|
if (pw) {
|
||||||
if (!unixuser) {
|
if (!unixuser) {
|
||||||
return NT_STATUS_NO_MEMORY;
|
return NT_STATUS_NO_MEMORY;
|
||||||
|
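Review bot: The retry under `if (may_retry && pw == NULL && !*is_mapped)` looks up the bare `user` with the domain qualifier dropped, and the new code neither explains why that is acceptable nor records that it happened. `may_retry` is set only in the `else` branch that falls back to `lp_workgroup()`, whose condition is outside the visible lines, so a reader cannot tell from here which realms reach the unqualified lookup. A comment above the retry should state that, for example `/* Realm did not map to a domain (MIT realm case): retry with the unqualified name, but only when no username map was applied. */`, with the wording confirmed against the branch condition. A log line before `fuser` is overwritten would make the fallback visible in audits: `DEBUG(5, ("No account for [%s], retrying as [%s]\n", fuser, user));`. The body of get_user_from_kerberos_info starts and ends outside these hunks.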