1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source3/winbindd
Stefan Metzmacher 4959f93227 s3:winbindd: don't use ads_kdestroy(NULL) in winbindd_raw_kerberos_login()
This fixes a problem introduced in the commit:

commit e6c693b705
Author: Stefan Metzmacher <metze@samba.org>
Date:   Wed Feb 28 17:28:43 2024 +0100

    s3:winbindd: pass a NULL ccache to kerberos_return_pac() for a MEMORY ccache

    It means kerberos_return_pac() will use smb_krb5_cc_new_unique_memory().

    ...

Before that commit cc was never NULL as generate_krb5_ccache()
returned "MEMORY:winbindd_pam_ccache" as fallback.

So we called ads_kdestroy("MEMORY:winbindd_pam_ccache").

Now we have cc == NULL if user_ccache_file == NULL.

and kerberos_return_pac() uses smb_krb5_cc_new_unique_memory()
and krb5_cc_destroy() internally.

It means unless user_ccache_file != NULL we should not
call ads_kdestroy(cc) as cc is NULL and means we would destroy
any global default krb5 ccache.

Review with: git show -U25

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2024-05-14 10:18:31 +00:00
..
idmap_hash s3:winbindd: Add zero digit to literal 2023-09-14 21:35:29 +00:00
idmap_ad_nss.c s3:winbind: Pass a memory context to ads_idmap_cached_connection() 2022-06-27 15:50:29 +00:00
idmap_ad.c s3:idmap_ad: add support for ADS_AUTH_SASL_{STARTTLS,LDAPS} 2024-04-23 23:50:34 +00:00
idmap_autorid_tdb.c s3: winbindd: assign rangenum member after NULL check 2024-02-22 10:57:38 +00:00
idmap_autorid.c idmap_autorid: fix ID_REQUIRE_TYPE for more than one SID for an unknown domain 2023-03-10 10:38:37 +00:00
idmap_ldap.c s3:winbindd: Add missing newlines to logging messages 2023-08-08 04:39:38 +00:00
idmap_nss.c idmap_nss: Install a messaging filter to reload the configuration 2023-12-13 15:07:38 +00:00
idmap_passdb.c idmap:fix whitespace 2023-08-14 19:53:37 +00:00
idmap_proto.h
idmap_rfc2307.c s3: Zero memory of idmap_fetch_secret() users 2022-08-26 07:59:32 +00:00
idmap_rid.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
idmap_rw.c
idmap_rw.h
idmap_script.c idmap_script: Save a few lines with str_list_add_printf() 2021-10-08 19:28:31 +00:00
idmap_tdb2.c idmap: Fix whitespace 2023-08-14 19:53:37 +00:00
idmap_tdb_common.c
idmap_tdb_common.h
idmap_tdb.c idmap_tdb: Remove a variable never used 2023-08-14 19:53:37 +00:00
idmap_util.c
idmap.c winbind: Add idmap_config_string_list() 2023-03-29 17:55:50 +00:00
nss_info_template.c
nss_info.c s3: winbindd: remove double initialization 2024-02-22 09:47:44 +00:00
wb_alias_members.c s3:winbind: Add wb_alias_members_{send/recv} 2023-06-13 12:15:32 +00:00
wb_dsgetdcname.c wb_dsgetdcname: don't use stack variables for async code 2023-07-02 17:42:56 +00:00
wb_getgrsid.c s3:winbind: s/wb_group_members_send/wb_alias_members_send/ for SID_NAME_ALIAS in wb_getgrsid_sid2gid_done() 2023-06-13 12:15:32 +00:00
wb_getpwsid.c s3:winbind: Improve logging in wb_getpwsid.c 2022-07-15 14:25:38 +00:00
wb_gettoken.c s3:winbind: Add additional debug level check to wb_gettoken_recv() 2022-07-21 13:47:31 +00:00
wb_group_members.c s3:winbind: Convert wb_group_members_send() to resolve array of groups 2023-06-13 12:15:32 +00:00
wb_lookupname.c s3:winbind: Improve logging in wb_lookupname.c 2022-07-15 14:25:38 +00:00
wb_lookupsid.c s3:winbind: Improve logging in wb_lookupsid.c 2022-07-15 14:25:38 +00:00
wb_lookupsids.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
wb_lookupuseraliases.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in wb_lookupuseraliases.c 2022-07-21 13:47:31 +00:00
wb_lookupusergroups.c s3/winbindd: Fix bad access to sid array (with debug level >= info) 2022-08-31 15:07:31 +00:00
wb_next_grent.c s3:winbind: Improve logging in wb_next_grent.c 2022-07-15 14:25:38 +00:00
wb_next_pwent.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in wb_next_pwent.c 2022-07-21 13:47:31 +00:00
wb_query_group_list.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in wb_query_group_list.c 2022-07-21 13:47:31 +00:00
wb_query_user_list.c winbind: Fix a typo 2023-06-16 16:14:30 +00:00
wb_queryuser.c s4:torture: Skip test_membership_user for users that get incorrectly assigned group sid 2023-06-13 12:15:32 +00:00
wb_seqnum.c
wb_seqnums.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
wb_sids2xids.c s3:winbind: Move tevent_req_create() before debug macros to have the right call depth 2023-01-26 14:10:36 +00:00
wb_xids2sids.c winbind: Fix the 32-bit build 2022-07-23 23:29:38 +00:00
winbindd_ads.c s3:winbindd: Improve performance of lookup_groupmem() in idmap_ad 2024-04-02 12:25:31 +00:00
winbindd_ads.h s3:winbind: Pass a memory context to ads_idmap_cached_connection() 2022-06-27 15:50:29 +00:00
winbindd_allocate_gid.c
winbindd_allocate_uid.c
winbindd_cache.c s3:winbindd: Add missing newlines to logging messages 2023-08-08 04:39:38 +00:00
winbindd_ccache_access.c s3/winbindd: use parse_domain_user instead of parse_domain_user_fstr 2023-10-24 12:43:37 +00:00
winbindd_change_machine_acct.c winbindd: add dcname arg to ChangeMachineAccount request 2022-12-21 19:10:35 +00:00
winbindd_check_machine_acct.c
winbindd_cm.c s3:winbindd: use better debug messages than 'talloc_strdup failed' 2024-04-05 13:28:42 +00:00
winbindd_cred_cache.c lib: Remove timeval_set() 2024-03-22 06:07:42 +00:00
winbindd_creds.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
winbindd_domain_info.c s3:winbind: Convert Ping parent/child call to NDR 2022-03-25 17:03:29 +00:00
winbindd_domain.c s3:winbindd: Use a correct value for the length of domain children 2023-08-30 12:42:29 +00:00
winbindd_dsgetdcname.c s3:winbind: Improve logging in winbindd_dsgetdcname.c 2022-07-15 14:25:38 +00:00
winbindd_dual_ndr.c librpc:ndr: Introduce ‘ndr_flags_type’ type 2023-11-01 20:10:45 +00:00
winbindd_dual_srv.c winbindd: fix listing trusted domains with NT trusts 2024-01-20 14:23:51 +00:00
winbindd_dual.c lib: Remove timeval_set() 2024-03-22 06:07:42 +00:00
winbindd_endgrent.c s3:winbind: Improve logging in winbindd_endgrent.c 2022-07-15 14:25:38 +00:00
winbindd_endpwent.c s3:winbind: Improve logging in winbindd_endpwent.c 2022-07-15 14:25:38 +00:00
winbindd_getdcname.c s3:winbind: Improve logging in winbindd_getdcname.c 2022-07-15 14:25:38 +00:00
winbindd_getgrent.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_getgrent.c 2022-07-21 13:47:31 +00:00
winbindd_getgrgid.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_getgrgid.c 2022-07-21 13:47:31 +00:00
winbindd_getgrnam.c s3/winbindd: replace parse_domain_user_fn with parse_domain_user 2023-10-24 12:43:37 +00:00
winbindd_getgroups.c s3/winbindd: use parse_domain_user_fstr instead of parse_domain_user 2023-10-24 12:43:37 +00:00
winbindd_getpwent.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_getpwent.c 2022-07-21 13:47:31 +00:00
winbindd_getpwnam.c s3/winbindd: use parse_domain_user instead of parse_domain_user_fstr 2023-10-24 12:43:37 +00:00
winbindd_getpwsid.c s3:winbind: Improve logging in winbindd_getpwsid.c 2022-07-15 14:25:38 +00:00
winbindd_getpwuid.c s3:winbind: Improve logging in winbindd_getpwuid.c 2022-07-15 14:25:38 +00:00
winbindd_getsidaliases.c s3:winbind: Add additional debug level check to winbindd_getsidaliases_send() 2022-07-21 13:47:31 +00:00
winbindd_getuserdomgroups.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_getuserdomgroups.c 2022-07-21 13:47:31 +00:00
winbindd_getusersids.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_getusersids.c 2022-07-21 13:47:31 +00:00
winbindd_gpupdate.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
winbindd_group.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
winbindd_idmap.c s3:winbind: talloc the static idmap child 2023-12-13 15:07:38 +00:00
winbindd_irpc.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
winbindd_list_groups.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_list_groups.c 2022-07-21 13:47:31 +00:00
winbindd_list_users.c s3:winbindd: Change the TALLOC_CTX to fix the tevent call depth tracking 2023-07-20 10:38:19 +00:00
winbindd_locator.c s3:winbind: talloc the static locator child 2023-12-13 15:07:38 +00:00
winbindd_lookupname.c s3:winbind: Improve logging in winbindd_lookupname.c 2022-07-15 14:25:38 +00:00
winbindd_lookuprids.c
winbindd_lookupsid.c
winbindd_lookupsids.c
winbindd_misc.c s3:winbind: Add callback winbind_call_flow() 2023-07-19 08:02:33 +00:00
winbindd_msrpc.c s3:winbindd: make use of reset_cm_connection_on_error() for winbindd_lookup_{names,sids}() 2023-07-05 12:17:38 +00:00
winbindd_ndr.c s3:winbindd: Use a correct value for the length of domain children 2023-08-30 12:42:29 +00:00
winbindd_pam_auth_crap.c CVE-2022-2127: winbindd: Fix WINBINDD_PAM_AUTH_CRAP length checks 2023-07-21 12:05:35 +00:00
winbindd_pam_auth.c s3/winbindd: in winbindd_pam_auth_send use canonicalize_username 2023-10-24 12:43:37 +00:00
winbindd_pam_chauthtok.c s3/winbindd: in winbindd_pam_chauthtok_send use canonicalize_username 2023-10-24 12:43:37 +00:00
winbindd_pam_chng_pswd_auth_crap.c s3:winbind: Convert winbindd_dual_pam_chng_pswd_auth_crap() from struct based to NDR based 2022-05-19 17:51:33 +00:00
winbindd_pam_logoff.c s3/winbindd: in winbindd_pam_logoff_send use canonicalize_username 2023-10-24 12:43:37 +00:00
winbindd_pam.c s3:winbindd: don't use ads_kdestroy(NULL) in winbindd_raw_kerberos_login() 2024-05-14 10:18:31 +00:00
winbindd_ping_dc.c
winbindd_proto.h winbindd: make add_trusted_domains_dc() public 2024-01-20 13:20:37 +00:00
winbindd_reconnect_ads.c s3:winbind: Add lookup_aliasmem to winbindd_methods and implement it in all backends 2023-06-13 12:15:32 +00:00
winbindd_reconnect.c s3:winbind: Add lookup_aliasmem to winbindd_methods and implement it in all backends 2023-06-13 12:15:32 +00:00
winbindd_rpc.c s3: winbindd: reduce scope of a variable 2024-02-22 09:47:44 +00:00
winbindd_rpc.h s3:winbind: Add lookup_aliasmem to winbindd_methods and implement it in all backends 2023-06-13 12:15:32 +00:00
winbindd_samr.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
winbindd_setgrent.c s3:winbind: Improve logging in winbindd_setgrent.c 2022-07-15 14:25:38 +00:00
winbindd_setpwent.c s3:winbind: Improve logging in winbindd_setpwent.c 2022-07-15 14:25:38 +00:00
winbindd_show_sequence.c s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
winbindd_sids_to_xids.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_sids_to_xids.c 2022-07-21 13:47:31 +00:00
winbindd_traceid.c s3:winbindd add "'winbind debug traceid" support via tevent tracing 2022-05-10 17:31:31 +00:00
winbindd_traceid.h s3:winbindd add "'winbind debug traceid" support via tevent tracing 2022-05-10 17:31:31 +00:00
winbindd_util.c auth/credentials: Dynamically calculate the salt principal (unless speccified) 2024-03-14 22:06:39 +00:00
winbindd_wins_byip.c s3:winbind: Improve logging in winbindd_wins_byip.c 2022-07-15 14:25:38 +00:00
winbindd_wins_byname.c winbind: Save an intermediate NULL check with talloc_asprintf_addbuf() 2022-12-14 04:32:34 +00:00
winbindd_xids_to_sids.c s3:winbind: Change '%u' to '%PRIu32' for uint32_t in winbindd_xids_to_sids.c 2022-07-21 13:47:31 +00:00
winbindd.c lib-addrchange: Change API to fill up if_index value from netlink msg 2024-04-16 23:51:45 +00:00
winbindd.h s3:winbindd: Fix code spelling 2023-07-19 09:58:37 +00:00
wscript_build s3:winbind: Add wb_alias_members_{send/recv} 2023-06-13 12:15:32 +00:00