Samba 3.0, alpha 21.

kerberos_verify.c has:

        ... krb5_get_permitted_enctypes(context, &enctypes) ...

        for (i=0;enctypes[i];i++) {
                ...
                if (!(ret = krb5_rd_req(context, &auth_context, &packet, 
                                       NULL, keytab, NULL, &tkt))) {
                        krb5_free_ktypes(context, enctypes);
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                        break;
                }
        }

        if (!enctypes[i]) {
            ^^^^^^^^^^^^
                DEBUG(3,("krb5_rd_req with auth failed (%s)\n", 
                         error_message(ret)));
                return NT_STATUS_LOGON_FAILURE;
        }


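This references enctypes[] after it has been freed (a use-after-free read). Under Linux
the freed memory happened to still hold the right contents, so the check got away with it,
but on AIX (4.3) the stale read sometimes came back zero even though krb5_rd_req had
succeeded (ret == 0), which caused (debug 3 and above):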

  krb5_rd_req with auth failed (Unknown code 0)
  Failed to verify incoming ticket!
  error string = No such file or directory


Thanks to Ghassan Tabbara for helping track this down.
-nik


% gnudiff -u libads/kerberos_verify.c.orig libads/kerberos_verify.c
--- libads/kerberos_verify.c.orig       Tue Nov 12 18:15:49 2002
+++ libads/kerberos_verify.c    Fri Dec 13 12:17:02 2002
@@ -46,6 +46,7 @@
        char *password_s;
        krb5_data password;
        krb5_enctype *enctypes = NULL;
+       int authok=0;
 
        if (!secrets_init()) {
                DEBUG(1,("secrets_init failed\n"));
@@ -124,11 +125,12 @@
                if (!(ret = krb5_rd_req(context, &auth_context, &packet, 
                                       NULL, keytab, NULL, &tkt))) {
                        krb5_free_ktypes(context, enctypes);
+                       authok = 1;
                        break;
                }
        }
 
-       if (!enctypes[i]) {
+       if (!authok) {
                DEBUG(3,("krb5_rd_req with auth failed (%s)\n", 
                         error_message(ret)));
                return NT_STATUS_LOGON_FAILURE;
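Review bot: The failure path still returns without releasing `enctypes`, because `krb5_free_ktypes(context, enctypes);` runs only inside the success branch of the loop. When every enctype is rejected, the `if (!authok)` block logs and returns NT_STATUS_LOGON_FAILURE with the list still allocated, so each rejected ticket leaks it in a long-running daemon. Moving the free out of the loop, to just after the closing brace of the `for` and before `if (!authok) {`, releases it on both paths and leaves `authok` as the only thing the check depends on. The loop header and the rest of the function are outside this hunk, so this is based only on the lines shown here.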

