svn commit: samba r19045 - in branches/tmp/vl-messaging/source/libsmb: .

ab at samba.org ab at samba.org
Mon Oct 2 13:35:08 GMT 2006 

Author: ab
Date: 2006-10-02 13:35:07 +0000 (Mon, 02 Oct 2006)
New Revision: 19045

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19045

Log:
Merge segfault fixes from Volker. -r 19040:19044
Modified:
   branches/tmp/vl-messaging/source/libsmb/cliconnect.c
   branches/tmp/vl-messaging/source/libsmb/clispnego.c


Changeset:
Modified: branches/tmp/vl-messaging/source/libsmb/cliconnect.c
===================================================================
--- branches/tmp/vl-messaging/source/libsmb/cliconnect.c	2006-10-02 13:30:37 UTC (rev 19044)
+++ branches/tmp/vl-messaging/source/libsmb/cliconnect.c	2006-10-02 13:35:07 UTC (rev 19045)
@@ -723,9 +723,7 @@
 	char *principal;
 	char *OIDs[ASN1_MAX_OIDS];
 	int i;
-#ifdef HAVE_KRB5
 	BOOL got_kerberos_mechanism = False;
-#endif
 	DATA_BLOB blob;
 
 	DEBUG(3,("Doing spnego session setup (blob length=%lu)\n", (unsigned long)cli->secblob.length));
@@ -754,16 +752,27 @@
 	/* make sure the server understands kerberos */
 	for (i=0;OIDs[i];i++) {
 		DEBUG(3,("got OID=%s\n", OIDs[i]));
-#ifdef HAVE_KRB5
 		if (strcmp(OIDs[i], OID_KERBEROS5_OLD) == 0 ||
 		    strcmp(OIDs[i], OID_KERBEROS5) == 0) {
 			got_kerberos_mechanism = True;
 		}
-#endif
 		free(OIDs[i]);
 	}
-	DEBUG(3,("got principal=%s\n", principal));
 
+	DEBUG(3,("got principal=%s\n", principal ? principal : "<null>"));
+
+	if (got_kerberos_mechanism && (principal == NULL)) {
+		/*
+		 * It is WRONG to depend on the principal sent in the negprot
+		 * reply, but right now we do it. So for safety (don't
+		 * segfault later) disable Kerberos when no principal was
+		 * sent. -- VL
+		 */
+		DEBUG(1, ("Kerberos mech was offered, but no principal was "
+			  "sent, disabling Kerberos\n"));
+		cli->use_kerberos = False;
+	}
+
 	fstrcpy(cli->user_name, user);
 
 #ifdef HAVE_KRB5

Modified: branches/tmp/vl-messaging/source/libsmb/clispnego.c
===================================================================
--- branches/tmp/vl-messaging/source/libsmb/clispnego.c	2006-10-02 13:30:37 UTC (rev 19044)
+++ branches/tmp/vl-messaging/source/libsmb/clispnego.c	2006-10-02 13:35:07 UTC (rev 19045)
@@ -149,13 +149,16 @@
 	asn1_end_tag(&data);
 	asn1_end_tag(&data);
 
-	asn1_start_tag(&data, ASN1_CONTEXT(3));
-	asn1_start_tag(&data, ASN1_SEQUENCE(0));
-	asn1_start_tag(&data, ASN1_CONTEXT(0));
-	asn1_read_GeneralString(&data,principal);
-	asn1_end_tag(&data);
-	asn1_end_tag(&data);
-	asn1_end_tag(&data);
+	*principal = NULL;
+	if (asn1_tag_remaining(&data) > 0) {
+		asn1_start_tag(&data, ASN1_CONTEXT(3));
+		asn1_start_tag(&data, ASN1_SEQUENCE(0));
+		asn1_start_tag(&data, ASN1_CONTEXT(0));
+		asn1_read_GeneralString(&data,principal);
+		asn1_end_tag(&data);
+		asn1_end_tag(&data);
+		asn1_end_tag(&data);
+	}
 
 	asn1_end_tag(&data);
 	asn1_end_tag(&data);

More information about the samba-cvs mailing list