From e0990ccf4e68a8d1bdce89b7d83865d950b4c4d0 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Wed, 14 Dec 2016 16:37:17 +0100
Subject: [PATCH] krb5_wrap: More checks for absolute path in
 smb_krb5_kt_open()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
---
 lib/krb5_wrap/krb5_samba.c | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 28884d9044d..6991e585eef 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -1130,12 +1130,29 @@ krb5_error_code smb_krb5_kt_open(krb5_context context,
 				 bool write_access,
 				 krb5_keytab *keytab)
 {
-	if (keytab_name_req != NULL) {
-		if (keytab_name_req[0] != '/') {
-			return KRB5_KT_BADNAME;
-		}
+	int cmp;
+
+	if (keytab_name_req == NULL) {
+		return KRB5_KT_BADNAME;
 	}
 
+	if (keytab_name_req[0] == '/') {
+		goto open_keytab;
+	}
+
+	cmp = strncmp(keytab_name_req, "FILE:/", 6);
+	if (cmp == 0) {
+		goto open_keytab;
+	}
+
+	cmp = strncmp(keytab_name_req, "WRFILE:/", 8);
+	if (cmp == 0) {
+		goto open_keytab;
+	}
+
+	return KRB5_KT_BADNAME;
+
+open_keytab:
 	return smb_krb5_kt_open_relative(context,
 					 keytab_name_req,
 					 write_access,