mirror of
https://github.com/samba-team/samba.git
synced 2025-01-12 09:18:10 +03:00
r12681: Allow an entry to have no kerberos keys. This occours when an entry
is new, and has no password. It may also occour in the future if we allow PKINIT. In any case, it shouldn't segfault :-) Andrew Bartlett
This commit is contained in:
parent
a54fefbfc5
commit
686fea241b
@ -384,24 +384,32 @@ static krb5_error_code LDB_message2entry(krb5_context context, HDB *db,
|
||||
|
||||
ldb_keys = ldb_msg_find_element(msg, "krb5Key");
|
||||
|
||||
/* allocate space to decode into */
|
||||
entry_ex->entry.keys.val = calloc(ldb_keys->num_values, sizeof(Key));
|
||||
if (entry_ex->entry.keys.val == NULL) {
|
||||
ret = ENOMEM;
|
||||
goto out;
|
||||
}
|
||||
entry_ex->entry.keys.len = ldb_keys->num_values;
|
||||
|
||||
/* Decode Kerberos keys into the hdb structure */
|
||||
for (i=0; i < entry_ex->entry.keys.len; i++) {
|
||||
size_t decode_len;
|
||||
ret = decode_Key(ldb_keys->values[i].data, ldb_keys->values[i].length,
|
||||
&entry_ex->entry.keys.val[i], &decode_len);
|
||||
if (ret) {
|
||||
/* Could be bougus data in the entry, or out of memory */
|
||||
if (!ldb_keys) {
|
||||
/* oh, no password. Apparently (comment in
|
||||
* hdb-ldap.c) this violates the ASN.1, but this
|
||||
* allows an entry with no keys (yet). */
|
||||
entry_ex->entry.keys.val = NULL;
|
||||
entry_ex->entry.keys.len = 0;
|
||||
} else {
|
||||
/* allocate space to decode into */
|
||||
entry_ex->entry.keys.val = calloc(ldb_keys->num_values, sizeof(Key));
|
||||
if (entry_ex->entry.keys.val == NULL) {
|
||||
ret = ENOMEM;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
entry_ex->entry.keys.len = ldb_keys->num_values;
|
||||
|
||||
/* Decode Kerberos keys into the hdb structure */
|
||||
for (i=0; i < entry_ex->entry.keys.len; i++) {
|
||||
size_t decode_len;
|
||||
ret = decode_Key(ldb_keys->values[i].data, ldb_keys->values[i].length,
|
||||
&entry_ex->entry.keys.val[i], &decode_len);
|
||||
if (ret) {
|
||||
/* Could be bougus data in the entry, or out of memory */
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
entry_ex->entry.etypes = malloc(sizeof(*(entry_ex->entry.etypes)));
|
||||
if (entry_ex->entry.etypes == NULL) {
|
||||
|
Loading…
Reference in New Issue
Block a user