svn commit: samba r18476 - in branches/SAMBA_3_0/source/nsswitch: .
jra at samba.org
jra at samba.org
Wed Sep 13 14:54:56 GMT 2006
Author: jra
Date: 2006-09-13 14:54:55 +0000 (Wed, 13 Sep 2006)
New Revision: 18476
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18476
Log:
Protect ourselves from bad cached creds a little
better - don't just panic - delete them.
Jeremy.
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-09-13 14:13:48 UTC (rev 18475)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cache.c 2006-09-13 14:54:55 UTC (rev 18476)
@@ -282,13 +282,13 @@
if (len != 16) {
DEBUG(0,("centry corruption? hash len (%u) != 16\n",
len ));
- smb_panic("centry_hash16");
+ return NULL;
}
if (centry->len - centry->ofs < 16) {
DEBUG(0,("centry corruption? needed 16 bytes, have %d\n",
centry->len - centry->ofs));
- smb_panic("centry_hash16");
+ return NULL;
}
ret = TALLOC_ARRAY(mem_ctx, char, 16);
@@ -589,6 +589,24 @@
return centry;
}
+static void wcache_delete(const char *format, ...) PRINTF_ATTRIBUTE(1,2);
+static void wcache_delete(const char *format, ...)
+{
+ va_list ap;
+ char *kstr;
+ TDB_DATA key;
+
+ va_start(ap, format);
+ smb_xvasprintf(&kstr, format, ap);
+ va_end(ap);
+
+ key.dptr = kstr;
+ key.dsize = strlen(kstr);
+
+ tdb_delete(wcache->tdb, key);
+ free(kstr);
+}
+
/*
make sure we have at least len bytes available in a centry
*/
@@ -918,7 +936,17 @@
if we are returning a salted cred. */
*cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
+ if (*cached_nt_pass == NULL) {
+ const char *sidstr = sid_string_static(sid);
+ /* Bad (old) cred cache. Delete and pretend we
+ don't have it. */
+ DEBUG(0,("wcache_get_creds: bad entry for [CRED/%s] - deleting\n",
+ sidstr));
+ wcache_delete("CRED/%s", sidstr);
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
/* We only have 17 bytes more data in the salted cred case. */
if (centry->len - centry->ofs == 17) {
*cached_salt = (const uint8 *)centry_hash16(centry, mem_ctx);
More information about the samba-cvs
mailing list