The branch, master has been updated
via 109ff38 s3-auth: Fix a possible null pointer dereference
via 3381787 s4-kerberos: Make sure we handle kvno's in keytabs correctly
from 6aa0ae5 torture: include config.h before any glibc headers
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 109ff388fd5e1306189d680a8f964a69374f1b01
Author: Andreas Schneider <[email protected]>
Date: Fri Jul 17 10:54:17 2015 +0200
s3-auth: Fix a possible null pointer dereference
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11404
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Alexander Bokovoy <[email protected]>
Autobuild-User(master): Andreas Schneider <[email protected]>
Autobuild-Date(master): Fri Jul 17 14:04:01 CEST 2015 on sn-devel-104
commit 33817876cb7ecb9432cfefad1cf67ae75260310d
Author: Andreas Schneider <[email protected]>
Date: Fri Jul 17 09:03:25 2015 +0200
s4-kerberos: Make sure we handle kvno's in keytabs correctly
Signed-off-by: Andreas Schneider <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source3/auth/auth_ntlmssp.c | 4 +++-
source4/auth/kerberos/kerberos_util.c | 11 +++++++++--
2 files changed, 12 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index ef83451..a0e4902 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -198,7 +198,9 @@ NTSTATUS auth3_check_password(struct auth4_context
*auth4_context,
user_info->client.account_name,
user_info->client.domain_name,
&server_info);
- *server_returned_info = talloc_steal(mem_ctx, server_info);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ *server_returned_info = talloc_steal(mem_ctx,
server_info);
+ }
return nt_status;
}
diff --git a/source4/auth/kerberos/kerberos_util.c
b/source4/auth/kerberos/kerberos_util.c
index b7f5ab0..76d46bc 100644
--- a/source4/auth/kerberos/kerberos_util.c
+++ b/source4/auth/kerberos/kerberos_util.c
@@ -522,6 +522,7 @@ krb5_error_code
smb_krb5_remove_obsolete_keytab_entries(TALLOC_CTX *mem_ctx,
}
do {
+ krb5_kvno old_kvno = kvno - 1;
krb5_keytab_entry entry;
bool matched = false;
uint32_t i;
@@ -556,8 +557,14 @@ krb5_error_code
smb_krb5_remove_obsolete_keytab_entries(TALLOC_CTX *mem_ctx,
continue;
}
- /* Delete it, if it is not kvno - 1 */
- if (entry.vno != (kvno - 1)) {
+ /*
+ * Delete it, if it is not kvno - 1.
+ *
+ * Some keytab files store the kvno only in 8bits. Limit the
+ * compare to 8bits, so that we don't miss old keys and delete
+ * them.
+ */
+ if ((entry.vno & 0xff) != (old_kvno & 0xff)) {
krb5_error_code rc;
/* Release the enumeration. We are going to
--
Samba Shared Repository
