Kerberos Ticket without principal?
Christian M Ambach
christian.ambach at de.ibm.com
Fri Jul 22 11:20:54 MDT 2011
Hi list,
I have seen a smbd built from v3-6-test crashing today in
get_user_from_kerberos_info()
because princ_name was null and it then tripped over that in the following
line:
strchr_m(princ_name, '@').
Unfortunately, I couldn't save away a log or core file and I wasn't able to recreate it yet :(
What do you think might have gone wrong here? Did the Windows box send an invalid
Kerberos ticket or did we fail to parse it somewhere?
My naive approach to prevent further coredumps would be to add a safeguard before the
strchr_m line, something like:
--- a/source3/auth/user_krb5.c
+++ b/source3/auth/user_krb5.c
@@ -49,6 +49,11 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX
*mem_ctx,
DEBUG(3, ("Kerberos ticket principal name is [%s]\n",
princ_name));
+ if (!princ_name) {
+ DEBUG(3, ("Ticket as empty principal!\n"));
+ return NT_STATUS_LOGON_FAILURE;
+ }
+
p = strchr_m(princ_name, '@');
if (!p) {
DEBUG(3, ("[%s] Doesn't look like a valid principal\n",
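Review bot: The new NULL check is placed after the existing DEBUG(3, ("Kerberos ticket principal name is [%s]\n", princ_name)) call, so a NULL princ_name is still handed to %s before the guard runs whenever that debug level is active; move the `if (!princ_name)` block above that DEBUG line. The added message "Ticket as empty principal!" should read "has", and because the condition tests for a NULL pointer rather than an empty string, wording such as "Ticket has no principal name" would describe the failure more accurately. Returning NT_STATUS_LOGON_FAILURE fails closed, which is the right behaviour for an authentication path; since the root cause is still unknown, consider logging this case at a lower debug level than 3 so that it shows up without raised logging and can be correlated with the client that sent the ticket.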
Would that be good enough without having more debug data?
Other proposals?
Cheers,
Christian