[PATCH] Fix kerberos authentication with Vista
Andreas Schneider
anschneider at suse.de
Wed Dec 12 12:21:11 GMT 2007
Jeremy Allison wrote:
> On Tue, Dec 11, 2007 at 06:19:28PM +0100, Stefan (metze) Metzmacher wrote:
>> Hi Andreas,
>>
>>> DEBUG(3,("got principal=%s\n", principal ? principal : "<null>"));
>>>
>>> + /* If we get a bad principal, try to guess it */
>>> + if (strcmp(principal, CLI_IGNORE_PRINCIPAL) == 0) {
>>> + char *realm = NULL;
>>> + DEBUG(3,("got a bad principal, trying to guess ...\n"));
>>> + realm = lp_realm();
>>> + if (realm && *realm) {
>>> + asprintf(&principal, "%s$@%s", cli->called.name, realm);
>>> + DEBUG(3,("guessed principal=%s\n", principal ? principal : "<null>"));
>>> + } else {
>>> + DEBUG(0,("please specify 'realm =' in smb.conf\n"));
>>> + }
>>> + }
>>> +
>>> if (got_kerberos_mechanism && (principal == NULL)) {
>>> /*
>>> * It is WRONG to depend on the principal sent in the negprot
>> when is the principal from asprintf() free'ed?
The principal is free'ed at the end of the cli_session_setup_spnego() function.
>
> Or even a check that principal is not null ? :-).
>
> The idiom should be :
>
> if (asprintf(&text, "..." ...) < 0) {
> /* deal with error... */
> }
As we only enter that code if strcmp() is successful, the principal is not
NULL, it is "not_defined_in_RFC4178 at please_ignore" in this case.
-- andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20071212/7c16af8f/signature.bin
More information about the samba-technical
mailing list