svn commit: samba r3110 - in branches/SAMBA_4_0/source: libcli/auth smbd

abartlet at samba.org abartlet at samba.org
Thu Oct 21 08:52:01 GMT 2004


Author: abartlet
Date: 2004-10-21 08:52:01 +0000 (Thu, 21 Oct 2004)
New Revision: 3110

WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/branches/SAMBA_4_0/source&rev=3110&nolog=1

Log:
Fix the krb5 client and server, so that they don't segfault.  There
were also gensec bugs that didn't turn up until we hit error paths in
the krb5 code.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/libcli/auth/gensec.c
   branches/SAMBA_4_0/source/libcli/auth/gensec_krb5.c
   branches/SAMBA_4_0/source/libcli/auth/spnego.c
   branches/SAMBA_4_0/source/smbd/rewrite.c


Changeset:
Modified: branches/SAMBA_4_0/source/libcli/auth/gensec.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/auth/gensec.c	2004-10-21 07:10:59 UTC (rev 3109)
+++ branches/SAMBA_4_0/source/libcli/auth/gensec.c	2004-10-21 08:52:01 UTC (rev 3110)
@@ -452,11 +452,8 @@
 	}
 	(*gensec_security)->private_data = NULL;
 
-	if (!(*gensec_security)->subcontext) {
-		/* don't destory this if this is a subcontext - it belongs to the parent */
-		talloc_free(*gensec_security);
-	}
-	gensec_security = NULL;
+	talloc_free(*gensec_security);
+	*gensec_security = NULL;
 }
 
 /** 
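Review bot: With the `subcontext` guard removed, gensec_end() frees every context it is handed, and nothing in the code now records the old rule that a subcontext "belongs to the parent". The `*gensec_security = NULL;` fix clears only the pointer whose address was passed in. Any other copy of a subcontext pointer kept by a parent would dangle after the `talloc_free`, which this hunk can neither confirm nor rule out. I would state the new contract above the function, for example `/* Frees the context, subcontexts included, and NULLs the caller's pointer; always pass the address of the owning pointer. */`. The function body starts outside the hunk.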

Modified: branches/SAMBA_4_0/source/libcli/auth/gensec_krb5.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/auth/gensec_krb5.c	2004-10-21 07:10:59 UTC (rev 3109)
+++ branches/SAMBA_4_0/source/libcli/auth/gensec_krb5.c	2004-10-21 08:52:01 UTC (rev 3110)
@@ -224,6 +224,40 @@
 	return status;
 }
 
+static void gensec_krb5_end(struct gensec_security *gensec_security)
+{
+	struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
+
+	if (gensec_krb5_state->ticket.length) { 
+	/* Hmm, heimdal dooesn't have this - what's the correct call? */
+#ifdef HAVE_KRB5_FREE_DATA_CONTENTS
+		krb5_free_data_contents(gensec_krb5_state->krb5_context, &gensec_krb5_state->ticket); 
+#endif
+	}
+	if (gensec_krb5_state->krb5_ccache) {
+		/* Removed by jra. They really need to fix their kerberos so we don't leak memory. 
+		   JERRY -- disabled since it causes heimdal 0.6.1rc3 to die
+		   SuSE 9.1 Pro 
+		*/
+#if 0 /* redisabled by gd :) at least until any official heimdal version has it fixed. */
+		krb5_cc_close(context, gensec_krb5_state->krb5_ccache);
+#endif
+	}
+
+	if (gensec_krb5_state->krb5_auth_context) {
+		krb5_auth_con_free(gensec_krb5_state->krb5_context, 
+				   gensec_krb5_state->krb5_auth_context);
+	}
+
+	if (gensec_krb5_state->krb5_context) {
+		krb5_free_context(gensec_krb5_state->krb5_context);
+	}
+
+	talloc_free(gensec_krb5_state);
+	gensec_security->private_data = NULL;
+}
+
+
 static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
 {
 	struct gensec_krb5_state *gensec_krb5_state;
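Review bot: gensec_krb5_end() reads `gensec_krb5_state->ticket.length` without first checking that `gensec_security->private_data` is non-NULL. If an error path reaches it before the state is allocated, or it is called a second time after `private_data = NULL`, it would crash again, which is the failure this commit sets out to fix. A guard right after the declaration, `if (!gensec_krb5_state) return;`, makes the teardown safe from any error path. Separately, the `#if 0` branch names `context`, which is not declared in this function, so it would not compile if re-enabled. As written, the credentials cache handle is never closed.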
@@ -324,6 +358,9 @@
 				DEBUG(1, ("Could not determine hostname for target computer, cannot use kerberos\n"));
 				return NT_STATUS_ACCESS_DENIED;
 			}
+			
+			in_data.length = 0;
+
 			ret = krb5_mk_req(gensec_krb5_state->krb5_context, 
 					  &gensec_krb5_state->krb5_auth_context,
 					  AP_OPTS_USE_SUBKEY | AP_OPTS_MUTUAL_REQUIRED,
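Review bot: Only `in_data.length` is initialised before the `krb5_mk_req` call. If `in_data` is an automatic `krb5_data` (its declaration is outside the hunk), `in_data.data` is still indeterminate when the structure is handed to the library. Setting both fields, `in_data.data = NULL; in_data.length = 0;`, or zero-initialising at the declaration, avoids relying on the library ignoring the pointer when the length is zero. The call's argument list continues past the end of the hunk.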
@@ -392,40 +429,7 @@
 	}
 }
 
-static void gensec_krb5_end(struct gensec_security *gensec_security)
-{
-	struct gensec_krb5_state *gensec_krb5_state = gensec_security->private_data;
 
-	if (gensec_krb5_state->ticket.length) { 
-	/* Hmm, heimdal dooesn't have this - what's the correct call? */
-#ifdef HAVE_KRB5_FREE_DATA_CONTENTS
-		krb5_free_data_contents(gensec_krb5_state->krb5_context, &gensec_krb5_state->ticket); 
-#endif
-	}
-	if (gensec_krb5_state->krb5_ccache) {
-		/* Removed by jra. They really need to fix their kerberos so we don't leak memory. 
-		   JERRY -- disabled since it causes heimdal 0.6.1rc3 to die
-		   SuSE 9.1 Pro 
-		*/
-#if 0 /* redisabled by gd :) at least until any official heimdal version has it fixed. */
-		krb5_cc_close(context, gensec_krb5_state->krb5_ccache);
-#endif
-	}
-
-	if (gensec_krb5_state->krb5_auth_context) {
-		krb5_auth_con_free(gensec_krb5_state->krb5_context, 
-				   gensec_krb5_state->krb5_auth_context);
-	}
-
-	if (gensec_krb5_state->krb5_context) {
-		krb5_free_context(gensec_krb5_state->krb5_context);
-	}
-
-	talloc_free(gensec_krb5_state);
-	gensec_security->private_data = NULL;
-}
-
-
 /**
  * Next state function for the Krb5 GENSEC mechanism
  * 

Modified: branches/SAMBA_4_0/source/libcli/auth/spnego.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/auth/spnego.c	2004-10-21 07:10:59 UTC (rev 3109)
+++ branches/SAMBA_4_0/source/libcli/auth/spnego.c	2004-10-21 08:52:01 UTC (rev 3110)
@@ -277,19 +277,17 @@
 						  null_data_blob, 
 						  unwrapped_out);
 		}
-		if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) 
-		    && (!NT_STATUS_IS_OK(nt_status))) {
+		if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(nt_status)) {
 			DEBUG(1, ("SPNEGO(%s) NEG_TOKEN_INIT failed: %s\n", 
 				  spnego_state->sub_sec_security->ops->name, nt_errstr(nt_status)));
-				gensec_end(&spnego_state->sub_sec_security);
-		} else {
-			break;
+			gensec_end(&spnego_state->sub_sec_security);
 		}
+		return nt_status;
 	}
 	if (!mechType || !mechType[i]) {
 		DEBUG(1, ("SPNEGO: Could not find a suitable mechtype in NEG_TOKEN_INIT\n"));
 	}
-	return nt_status;
+	return NT_STATUS_INVALID_PARAMETER;
 }
 
 /** create a client negTokenInit 
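Review bot: The new unconditional `return nt_status;` inside the loop lets the first mechanism that gets this far decide the whole negotiation. If it fails, the remaining `mechType` entries are never tried, whereas the old code called gensec_end() and went on to the next iteration. If failing closed on the first usable mechanism is intended, a comment above the return should say so, for example `/* first mechanism we could start decides; no fallback to later mechTypes */`. If fallback is still wanted, the failure branch needs a `continue;` after `gensec_end(&spnego_state->sub_sec_security);`. The loop header is outside the hunk, so this reading is inferred from the visible closing brace.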
@@ -369,22 +367,23 @@
 
 	/* compose reply */
 	spnego_out.type = SPNEGO_NEG_TOKEN_TARG;
-	spnego_out.negTokenTarg.supportedMech 
-		= spnego_state->sub_sec_security->ops->oid;
 	spnego_out.negTokenTarg.responseToken = unwrapped_out;
 	spnego_out.negTokenTarg.mechListMIC = null_data_blob;
 	
 	if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+		spnego_out.negTokenTarg.supportedMech 
+			= spnego_state->sub_sec_security->ops->oid;
 		spnego_out.negTokenTarg.negResult = SPNEGO_ACCEPT_INCOMPLETE;
 		spnego_state->state_position = SPNEGO_SERVER_TARG;
 	} else if (NT_STATUS_IS_OK(nt_status)) {
+		spnego_out.negTokenTarg.supportedMech 
+			= spnego_state->sub_sec_security->ops->oid;
 		spnego_out.negTokenTarg.negResult = SPNEGO_ACCEPT_COMPLETED;
 		spnego_state->state_position = SPNEGO_DONE;
 	} else {
+		spnego_out.negTokenTarg.supportedMech = NULL;
 		spnego_out.negTokenTarg.negResult = SPNEGO_REJECT;
-		DEBUG(1, ("SPNEGO(%s) login failed: %s\n", 
-			  spnego_state->sub_sec_security->ops->name, 
-			  nt_errstr(nt_status)));
+		DEBUG(1, ("SPNEGO login failed: %s\n", nt_errstr(nt_status)));
 		spnego_state->state_position = SPNEGO_DONE;
 	}
 	
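Review bot: The reject branch now stores `spnego_out.negTokenTarg.supportedMech = NULL;`, so the negTokenTarg encoder must treat a NULL `supportedMech` as an absent optional field instead of dereferencing it. That code is not in this hunk and should be checked. The two success branches still read `spnego_state->sub_sec_security->ops->oid`, which holds only if a success status always implies a live sub-context. The failure log also no longer names the mechanism. Where the pointer survives, `spnego_state->sub_sec_security ? spnego_state->sub_sec_security->ops->name : "none"` would keep that detail for anyone reading auth failures. The enclosing function starts and ends outside the hunk.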

Modified: branches/SAMBA_4_0/source/smbd/rewrite.c
===================================================================
--- branches/SAMBA_4_0/source/smbd/rewrite.c	2004-10-21 07:10:59 UTC (rev 3109)
+++ branches/SAMBA_4_0/source/smbd/rewrite.c	2004-10-21 08:52:01 UTC (rev 3110)
@@ -46,6 +46,14 @@
 
 void init_subsystems(void)
 {
+	/* Do *not* remove this, until you have removed
+	 * passdb/secrets.c, and proved that Samba still builds... */
+
+	/* Setup the SECRETS subsystem */
+	if (!secrets_init()) {
+		exit(1);
+	}
+
 	/* Setup the PROCESS_MODEL subsystem */
 	if (!process_model_init())
 		exit(1);
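Review bot: If `secrets_init()` fails, the daemon calls `exit(1)` without logging anything, so an operator cannot tell an unreadable or missing secrets store from any other startup failure. A line before the exit, such as `DEBUG(0, ("ERROR: failed to initialise the SECRETS subsystem\n"));`, would make this diagnosable. The added comment explains a build dependency on passdb/secrets.c; it would help to also say why the secrets store has to be initialised first. The new block uses braces while the `process_model_init()` check below it does not, and init_subsystems() continues outside the hunk.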


