samba-mirror/test_ntlm_auth_krb5.sh at 9928d9832cccb11c4a605c5ce31be3af961c141f

mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00

Andrew Bartlett 82c0ecbb2c gse_krb5: Avoid a segfault when we can not read the dedicated keytab file

This improved code simply cleans up the memory as soon as possible,
rather than using memcmp().  Otherwise, we segfault if
krb5_kt_start_seq_get fails, as it can set the fd element in the
handle to -1.

Change-Id: Ib4821ef944a7e12cd8a891ae07dbfc0567c65495
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov 27 07:38:02 CET 2014 on sn-devel-104

2014-11-27 07:38:02 +01:00

33 lines

991 B

Bash

Executable File

Raw Blame History

 #!/bin/sh
 if [ $# -lt 2 ]; then
 cat <<EOF
 Usage: test_ntlm_auth_s3.sh PYTHON SRC3DIR NTLM_AUTH CCACHE SERVER
 EOF
 exit 1;
 fi
 PYTHON=$1
 SRC3DIR=$2
 NTLM_AUTH=$3
 CCACHE=$4
 SERVER=$5
 shift 5
 ADDARGS="$*"
 incdir=`dirname $0`/../../../testprogs/blackbox
 . $incdir/subunit.sh
 failed=0
 KRB5CCNAME=$CCACHE
 export KRB5CCNAME
 # --server-use-winbindd is set so we know it isn't cheating and using the hard-coded passwords
 testit "ntlm_auth with krb5 gss-spnego-client and gss-spnego server" $PYTHON $SRC3DIR/torture/test_ntlm_auth.py $NTLM_AUTH $ADDARGS --target-hostname=$SERVER --target-service=host --client-helper=gss-spnego-client --server-helper=gss-spnego --server-use-winbindd || failed=`expr $failed + 1`
 echo YR| testit "ntlm_auth with krb5 and an invalid keytab" $NTLM_AUTH --helper-protocol=gss-spnego --option=security=ads --option=kerberosmethod='dedicatedkeytab' --option=dedicatedkeytabfile=FILE:`pwd`/$CCACHE.keytab-does-not-exist || failed=`expr $failed + 1`
 testok $0 $failed

33 lines 991 B Bash Executable File Raw Blame History

33 lines

991 B

Bash

Executable File

Raw Blame History